meeting-briefing
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and synthesize information from multiple external and potentially untrusted sources (Email, Chat, Calendar, Documents). This creates a surface where an attacker could embed malicious instructions in a document or email to manipulate the agent's output.
- Ingestion points: Accesses data from Calendar, Email, Chat (Slack/Teams), Documents (Box/SharePoint), CLM, and CRM systems as defined in
SKILL.md. - Boundary markers: The instructions lack explicit delimiters or warnings to the agent to ignore instructions embedded within the retrieved data.
- Capability inventory: The skill primarily performs read and summarization tasks across various enterprise integrations.
- Sanitization: There are no instructions for the agent to sanitize, filter, or validate the content retrieved from external sources before including it in the briefing.
Audit Metadata