weekly-intel-digest
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability by processing untrusted content from Slack channels and external social media feeds. This could allow malicious instructions embedded in a message to influence the report generation process. Ingestion points: Five Slack channels (#feed-swyft-meetings, #feed-swyft-customer-quotes, #feed-competitor-feedback, #feed-swyft-churn-risks, #feed-twitter) and DM responses from the tiger-analytics and eon bots. Boundary markers: Absent; the agent is not provided with delimiters or explicit instructions to ignore commands within the gathered data. Capability inventory: The skill utilizes slack_search_public_and_private, slack_send_message, and slack_read_user_profile to collect and report data. Sanitization: Absent; the skill does not perform any validation or sanitization of ingested messages before processing them with the language model.
Audit Metadata