unblocked-context-search-messages
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the
unblockedCLI tool (unblocked context-search-messages) to perform semantic searches of team communication history. This is the primary intended functionality of the skill and uses the vendor's own command-line interface. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it ingests untrusted data from external messaging sources.
- Ingestion points: Retrieval of chat history from Slack and Microsoft Teams via the
context_search_messagescommand. - Boundary markers: Absent; the instructions do not specify the use of delimiters or warnings to the agent to ignore instructions embedded within the retrieved messages.
- Capability inventory: The agent has access to the
unblockedCLI and common file system tools (Grep, Glob, Read). - Sanitization: Absent; the retrieved message content is processed directly without filtering or sanitization of potentially malicious instructions.
Audit Metadata