internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it is designed to ingest and process information from external, potentially untrusted sources which could contain malicious instructions.
- Ingestion points: The files
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.mdinstruct the agent to retrieve data from Slack messages, Google Drive documents, Emails, Calendar events, and external press articles. - Boundary markers: Absent. The instructions do not define any delimiters or provide specific prompts to the agent to ignore instructions embedded within the retrieved data.
- Capability inventory: The skill is composed entirely of Markdown guidance and does not contain any executable code, scripts, or direct tool definitions.
- Sanitization: Absent. No sanitization or validation steps are included to filter or escape the retrieved external content before it is processed.
Audit Metadata