internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's instructions create a vulnerability surface for indirect prompt injection. \n- Ingestion points: The agent is directed to ingest untrusted data from Slack, Email, Google Drive, and Calendar in the
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.mdfiles. \n- Boundary markers: The skill does not define delimiters or warnings to prevent the agent from executing instructions embedded within the data it retrieves. \n- Capability inventory: The agent is granted access to read and summarize highly sensitive corporate communications and files. \n- Sanitization: There are no procedures defined for sanitizing or validating the content gathered from these external tools.
Audit Metadata