project-status-report
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect prompt injection surface detected.
- Ingestion points: The skill processes external data from meeting transcripts, Slack messages, emails, and Google Drive documents (via `google_drive_fetch` and `google_drive_search`).
- Boundary markers: There are no explicit delimiters (e.g., XML tags or triple quotes) or 'ignore embedded instructions' warnings defined for the data ingestion process.
- Capability inventory: The agent has the capability to search conversation history, fetch Google Drive files, and write/modify markdown files in the local filesystem or an Obsidian Vault.
- Sanitization: The skill instructions lack explicit requirements to sanitize or escape ingested content before generating output reports, which could allow an attacker to embed malicious markdown or instructions in a processed transcript.
Audit Metadata