Slack Pipeline Query
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is defined entirely in markdown and YAML and does not contain any executable code or scripts, eliminating risks associated with code-based exploits.
- [DATA_EXFILTRATION]: The skill processes sensitive CRM data via internal platform actions. No external exfiltration points or network operations to untrusted domains were identified.
- [PROMPT_INJECTION]: The skill ingests user input for intent matching. Analysis shows ingestion of 'raw_query' from Slack in SKILL.md without explicit boundary markers or sanitization; however, the lack of side-effect capabilities beyond read-only CRM data display prevents significant risk.
Audit Metadata