progress-reporting
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection Surface detected. The skill is designed to ingest and summarize data from multiple external sources that could be influenced by third parties.
- Ingestion points: Untrusted data enters the agent context via
~~chat(Slack/Teams),~~project tracker(Linear/Jira/Asana),~~meeting transcription, and~~knowledge baseas described in SKILL.md. - Boundary markers: Absent. The instructions do not define delimiters or provide specific warnings to the agent to disregard embedded instructions within the fetched data.
- Capability inventory: The skill aggregates sensitive business information to produce reports. While it does not directly execute system commands, it processes and reflects data from many integrated tools.
- Sanitization: Absent. There is no evidence of input validation, escaping, or filtering of the content retrieved from external tools.
Audit Metadata