onenote
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Interacts with Microsoft OneNote via PowerShell COM objects to list, search, and create pages.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through note ingestion. Ingestion points: Notebook hierarchy and page content retrieved via GetHierarchy and FindPages in SKILL.md. Boundary markers: Absent; note content is not delimited or accompanied by ignore instructions. Capability inventory: Ability to create new pages and search existing notes. Sanitization: No evidence of input validation or output escaping for data retrieved from the application.
Audit Metadata