connect
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): Requires installation of 'composio' and '@composio/core' from non-whitelisted sources.
- [PROMPT_INJECTION] (LOW): Significant indirect prompt injection surface. The skill processes data from external apps (emails, chat) and has powerful write capabilities. * Ingestion points: 1000+ integrations including Gmail and Slack. * Boundary markers: None. * Capability inventory: Write permissions for over 1000 services. * Sanitization: No sanitization of external data is performed.
- [DATA_EXFILTRATION] (SAFE): Skill's primary function is moving data between services, requiring explicit user authorization.
Audit Metadata