workspace-documentation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface. The skill is designed to ingest and structure data from conversation contexts which are untrusted. Malicious instructions within these conversations could be saved to the Notion workspace and later influence other users or automated processes. 1. Ingestion points: Chat conversation history as identified in SKILL.md and evaluation files. 2. Boundary markers: Absent; the instructions do not require the use of delimiters or warnings when processing the extracted content. 3. Capability inventory: Access to 'Notion:notion-create-pages', 'Notion:notion-update-page', and 'Notion:notion-search' for workspace modification. 4. Sanitization: Absent; the skill is instructed to preserve technical details and context from the discussion without filtering.
- [NO_CODE] (SAFE): No executable scripts, binaries, or configuration files for package managers were found. The skill consists entirely of instructional markdown and evaluation JSON.
Audit Metadata