internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by design, as it instructs the agent to aggregate content from external and potentially untrusted communication channels.
- Ingestion points: Files examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md direct the agent to retrieve data from Slack messages, emails, Google Drive documents, and external press articles.
- Boundary markers: The instructions lack explicit delimiters or specific directives to ignore instructions embedded within the source material being summarized.
- Capability inventory: The skill does not contain executable scripts or code; however, it relies on the agent's underlying capabilities to access and read organizational data sources.
- Sanitization: There are no provided instructions for sanitizing, filtering, or escaping content retrieved from external sources before it is processed and formatted into the final output.
- [NO_CODE]: The skill is composed exclusively of Markdown documentation and instruction files. It does not include any Python scripts, Node.js modules, or other executable binaries.
Audit Metadata