teams-channel-post-writer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to bypass safety or override agent behavior were found. The content is purely instructional for documentation tasks.- [Remote Code Execution] (SAFE): The skill contains no scripts, binaries, or external package dependencies.- [Data Exfiltration] (SAFE): No network operations (curl, wget) or access to sensitive local file paths were detected.- [Indirect Prompt Injection] (LOW): The skill workflow involves researching external documentation to write posts (SKILL.md Step 1). This creates a surface for indirect prompt injection from malicious documentation, though the skill provides no tools for exploitation. 1. Ingestion points: Research step in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: No scripts or tools. 4. Sanitization: Absent.
Audit Metadata