internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface by instructing the agent to ingest and summarize content from untrusted internal and external communication channels.
- Ingestion points: Documentation in
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.mdexplicitly directs the agent to pull data from Slack messages, corporate emails, Google Drive documents, and external press reports. - Boundary markers: The instructions lack delimiters or specific directives to help the agent distinguish between informational content and potential malicious instructions embedded within the source data.
- Capability inventory: The skill requires the agent to have read access to sensitive organizational communication tools and document repositories.
- Sanitization: No procedures are defined for sanitizing, validating, or filtering retrieved content before it is processed by the model.
- [NO_CODE]: This skill consists entirely of Markdown guidance and configuration files; it does not contain any executable scripts, binary files, or code-based logic.
Audit Metadata