internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it directs the agent to process and summarize data from sources that can be controlled by third parties.
- Ingestion points: Slack messages, corporate emails, Google Drive documents, and calendar event details mentioned in
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.md. - Boundary markers: There are no specified delimiters or instructions for the agent to ignore potentially malicious embedded instructions within the ingested data.
- Capability inventory: The skill itself contains no code, but its workflow relies on the agent's ability to read and interpret data from multiple communication platforms.
- Sanitization: The instructions do not include any steps for sanitizing, filtering, or validating the content pulled from external tools before it is processed by the agent.
- [NO_CODE]: This skill contains no executable scripts, binaries, or configuration files that could be used to perform unauthorized actions on the host system. It is composed exclusively of Markdown instructions and metadata.
Audit Metadata