people-lookup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests data from external organizational sources (employee bios, document metadata, etc.) which are considered untrusted inputs.
  - Ingestion points: Data returned by mcp__glean employee_search, code_search, and regular search tools.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the logic.
  - Capability inventory: The skill is restricted to information retrieval and display; no file system write access or unauthorized network calls were identified.
  - Sanitization: No logic is provided to sanitize or filter the results returned by the search tools before they are processed by the agent.