postbox
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  - Ingestion points: The agent is instructed to retrieve and display external submission data using the `GET /api/forms/{form_id}/submissions` endpoint (as documented in references/api.md).
  - Boundary markers: There are no instructions in SKILL.md to wrap external submission data in delimiters or to ignore potential instructions embedded within that data.
  - Capability inventory: The skill allows the agent to perform state-changing operations such as creating, updating, or deleting forms and knowledge bases via `curl` commands to the vendor's API (SKILL.md).
  - Sanitization: The instructions do not specify any sanitization, filtering, or validation of the external content before it is processed by the agent.
Audit Metadata