Find Available Slots
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it processes data from external sources that could contain malicious instructions. \n- Ingestion points: According to the 'Context Sources' and 'Step 2' sections in SKILL.md, the skill retrieves event titles and details from the Google Calendar API, as well as contact records, notes, and preferences from a CRM. \n- Boundary markers: The skill does not specify the use of delimiters or instructions to the agent to disregard instructions embedded within the retrieved calendar or CRM content. \n- Capability inventory: The skill possesses the 'calendar' capability and is authorized to deliver formatted messages via Slack and Email. \n- Sanitization: There is no evidence of sanitization or filtering logic applied to external data before it is interpolated into prospect-facing messages.
Audit Metadata