internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill exhibits a significant surface for indirect prompt injection (Category 8).
- Ingestion points: The instructions in
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.mddirect the agent to fetch and process data from Slack, Google Drive, Email, and Calendar. - Boundary markers: There are no boundary markers or 'ignore' instructions to prevent the agent from following malicious commands embedded within the retrieved messages or documents.
- Capability inventory: The skill enables the agent to aggregate and relay potentially sensitive organizational data from various communication tools.
- Sanitization: No sanitization or validation steps are defined for the content retrieved from these external sources.
- NO_CODE (SAFE): The skill is composed exclusively of Markdown documentation and does not include any executable scripts, dependencies, or configuration files.
Audit Metadata