onenote
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing content from OneNote pages.
- Ingestion points: Note content is retrieved via the
GET /onenote/pages/{pageId}/contentendpoint inSKILL.md. - Boundary markers: None are specified in the instructions to separate note content from agent instructions.
- Capability inventory: The skill has the capability to read, create, and update OneNote content through the Microsoft Graph API.
- Sanitization: No sanitization or validation of the retrieved content is described.
Audit Metadata