internal-comms
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from various company sources without clear security boundaries or sanitization.
- Ingestion points: The files
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.mdinstruct the agent to retrieve and summarize data from Slack, Google Drive, Email, and Calendar. - Boundary markers: The instructions do not define specific delimiters or directives to ensure the agent ignores potential commands or overrides embedded within the retrieved messages or documents.
- Capability inventory: The agent is authorized to read sensitive communication history and file contents and then format them into reports or newsletters for wider distribution.
- Sanitization: The skill lacks any requirement for content validation or filtering of the source data before it is incorporated into the generated communications.
Audit Metadata