internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill is vulnerable to indirect prompt injection due to its core function of processing data from untrusted external sources.
- Ingestion points: Slack messages, Google Drive documents, Email threads, Calendar event details, and external press articles.
- Boundary markers: Absent. The templates do not define clear delimiters or provide instructions for the agent to ignore potentially malicious commands embedded in the source data.
- Capability inventory: Accessing and summarizing sensitive company communications across multiple platforms.
- Sanitization: Absent. No guidelines are provided for validating, escaping, or filtering content retrieved through tools before it is included in the agent's output.
- [No Code] (SAFE): The skill is composed entirely of markdown documentation and instructions, containing no scripts, binary files, or external software dependencies.
Audit Metadata