messenger
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, NO_CODE
Full Analysis
- Prompt Injection (LOW): The skill establishes a pipeline for receiving and processing data from Facebook Messenger webhooks, which constitutes an indirect prompt injection surface.
  - Ingestion points: `references/webhook-event-map.md` (inbound messages and postbacks).
  - Boundary markers: Absent. The skill does not provide delimiters or instructions for the agent to distinguish between system instructions and untrusted user input.
  - Capability inventory: `references/messaging.md` (Send API) allows the agent to perform network-based messaging actions.
  - Sanitization: Absent. The provided templates do not include logic for sanitizing or escaping user-generated content.
- Data Exfiltration (LOW): The skill specifies network communication with an external API domain not included in the trusted whitelist.
  - Evidence: `references/messenger-api-overview.md` points to `https://graph.facebook.com` for API operations.
- No Code (SAFE): No executable scripts, binaries, or automated installation packages are included. The skill consists entirely of documentation and configuration templates.
Audit Metadata