taskflow-inbox-triage
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a pattern for processing inbox messages, which is an indirect prompt injection surface because it ingests untrusted external data that could contain malicious instructions.
- Ingestion points: The skill ingests 'inbox items' and 'messages' for classification (referenced in SKILL.md).
- Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the provided pattern.
- Capability inventory: The skill has the capability to post to Slack and generate summaries based on the processed data.
- Sanitization: The implementation logic does not show any sanitization or validation of the input content before it is passed to the classification or routing steps.
Audit Metadata