agent-spec-generator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The tools catalog defines an environment that ingests untrusted data from multiple external sources, creating a surface for indirect prompt injection attacks.
    • Ingestion points: Glean Search, Glean Document Reader, Gmail, Google Docs, and Confluence (references/tools-catalog.md).
    • Boundary markers: Absent in the provided tool configuration templates.
    • Capability inventory: Includes automated actions like sending emails, posting to Slack, and creating Jira/Salesforce records (references/tools-catalog.md).
    • Sanitization: No mention of sanitization or validation for external content inputs.
  • Privilege Escalation (LOW): The catalog documents the 'skipUserInteraction' flag, which allows sensitive operations to execute without manual approval, increasing the risk associated with successful prompt injections.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:48 PM