Skills
skills/gleanwork/glean-cli/glean-messages/Gen Agent Trust Hub

glean-messages

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the glean CLI tool, a resource associated with the vendor 'gleanwork', to interact with the Glean service and retrieve message data.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its handling of external message data.
  • Ingestion points: Untrusted message content from external platforms (e.g., Slack, Teams) is ingested via the glean messages get command in SKILL.md.
  • Boundary markers: No explicit markers or 'ignore' instructions are used to distinguish ingested message data from agent instructions.
  • Capability inventory: The skill has the capability to execute shell commands via the glean CLI tool to fetch data.
  • Sanitization: No sanitization or validation of the retrieved message content is performed before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 09:09 AM