internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious code, command execution, or exfiltration patterns detected. The skill's stated purpose aligns with its behavior.\n- [NO_CODE] (SAFE): This skill consists entirely of markdown instructions and does not include scripts, dependencies, or external binary files.\n- [Indirect Prompt Injection] (LOW): The skill identifies a potential attack surface by instructing the agent to process data from untrusted sources.\n
- Ingestion points: Slack messages, Emails, and Google Drive documents are processed as primary data sources (see
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.md).\n - Boundary markers: Absent; the instructions do not specify delimiters or system-level warnings to ignore instructions embedded within the source documents.\n
- Capability inventory: None; the skill does not include subprocess calls, network operations, or file-writing scripts.\n
- Sanitization: Absent; no instructions are provided to sanitize or validate the content of retrieved messages before summarization.
Audit Metadata