internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it processes data from untrusted external sources without adequate safeguards.
  - Ingestion points: The files examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md instruct the agent to retrieve data from Slack, Email, Google Drive, Calendar, and External Press.
  - Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands within the retrieved data.
  - Capability inventory: The skill enables the agent to generate company-wide newsletters and updates containing links and summaries, which could be used to propagate phishing links or malicious instructions injected into the source documents or messages.
  - Sanitization: Absent. No validation or sanitization requirements are specified for the external content before it is processed and formatted for the final output.
Audit Metadata