sheets-automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of documentation, workflow diagrams, and configuration templates for business automation. No malicious code, scripts, or dangerous command patterns were detected.
- [PROMPT_INJECTION]: The skill describes workflows that ingest data from external sources, specifically Google Form responses and CRM data. This creates a potential surface for indirect prompt injection. 1. Ingestion points: Google Forms trigger and Sheets read actions in SKILL.md. 2. Boundary markers: Absent from the provided YAML workflow templates. 3. Capability inventory: Spreadsheet manipulation (read/write) and communication via Slack and Email. 4. Sanitization: No explicit sanitization or filtering logic is defined in the templates. This surface is expected for automation tools and no active malicious payloads were found.
Audit Metadata