confluence-deep-reader
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill processes untrusted content from external Confluence pages, creating a potential surface for indirect prompt injection.\n
- Ingestion points: External data is retrieved via the
getConfluencePagetool as described in theSKILL.mdworkflow steps.\n - Boundary markers: Absent; there are no specific instructions to the agent to ignore or delimit instructions found within the page content.\n
- Capability inventory: The skill is limited to reading and synthesis; it does not utilize file system writes, shell execution, or outbound network calls to non-whitelisted domains.\n
- Sanitization: No sanitization or validation of the retrieved Confluence content is specified in the workflow.\n- [No Code] (SAFE): This skill consists entirely of instructional markdown and does not include any scripts or external software dependencies.
Audit Metadata