generate
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data retrieved from external sources (e.g., person and company details) to generate content.
- Ingestion points: Data entering through the
find_person,find_company, andsearch_knowledge_basetools in SKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates.
- Capability inventory: The skill can invoke generation tools like
run_email_agentandgenerate_content, but it lacks access to the system shell or local file system. - Sanitization: There is no evidence of input validation or escaping for the data fetched from the knowledge base or person research tools.
Audit Metadata