team-communication
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its broad data ingestion surface. \n
- Ingestion points: The skill explicitly reads from Slack, Email, Google Drive, and External Press (referenced in
examples/company-newsletter.mdandexamples/faq-answers.md). \n - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore instructions found within the source content. \n
- Capability inventory: The agent can access sensitive internal communications and generate summaries (newsletters, FAQs) intended for company-wide distribution, potentially propagating malicious content. \n
- Sanitization: Absent. There are no instructions to escape, validate, or filter content retrieved from these external sources. \n
- [No Code] (SAFE): No executable scripts (.py, .js, .sh), configuration files, or binary executables were found in the skill package.
Audit Metadata