internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of aggregating information from diverse internal and external sources. Ingestion points: The instructions guide the agent to retrieve data from Slack, Google Drive, Email, Calendar, and external press releases. Boundary markers: No delimiters or explicit instructions to ignore embedded commands are provided to distinguish between the agent's instructions and the content being summarized. Capability inventory: The skill utilizes the agent's ability to read sensitive organizational data and generate synthesized communications for company-wide distribution. Sanitization: There is no evidence of sanitization or filtering of the input data to prevent malicious instructions embedded in communications from influencing the agent's behavior.
- [NO_CODE]: This skill consists entirely of Markdown instructions and template examples. It does not contain any executable scripts, binary files, or external code dependencies.
Audit Metadata