daily-brief

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill handles untrusted data from multiple external sources which could contain malicious instructions meant to hijack the agent's behavior.
  • Ingestion points: The variables slack_messages, jira_updates, support_tickets, and community_activity in SKILL.md are directly interpolated into the prompt.
  • Boundary markers: There are no delimiters (like triple quotes or XML tags) or explicit instructions telling the model to ignore potential commands hidden within the provided context.
  • Capability inventory: The skill currently only generates text, but the risk would escalate if the agent were granted additional tools (e.g., file-write or network-access).
  • Sanitization: The input data is not sanitized or validated before being placed into the Output Template section.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 04:09 PM