intelligems-test-portfolio
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): An indirect prompt injection surface exists as the skill processes external data from the Intelligems API and directs the agent to present the findings conversationally. Evidence: Ingestion points: Intelligems API data processed in Step 3; Boundary markers: Absent; Capability inventory: Conversations in Step 4 and Slack messaging in Step 5; Sanitization: None documented.
- [COMMAND_EXECUTION] (LOW): The skill executes multiple shell commands to check the workspace, copy files, and run Python scripts.
- [DATA_EXFILTRATION] (LOW): The Slack automation feature allows analytics data to be transmitted to an external URL, representing a legitimate but noteworthy network egress point.
Audit Metadata