NYC

internal-comms

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it instructs the agent to process data from untrusted external sources and multi-user internal platforms. Evidence:
    1. Ingestion points: Slack messages, Google Drive documents, Emails, and External Press references.
    2. Boundary markers: Absent; no instructions provided to treat ingested data as untrusted or to use delimiters.
    3. Capability inventory: Data reading and summarization of organizational communications.
    4. Sanitization: Absent; the agent is directed to pull and summarize content directly without validation.
  • Data Exposure & Exfiltration (LOW): The skill encourages broad searching of sensitive internal communication tools (Slack, Email, Calendar) to gather context for reports, which could lead to accidental exposure of sensitive information if not tightly scoped by the agent tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:01 PM