agency-digest-setup
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The setup process involves executing shell commands to create a Python virtual environment, install dependencies, and run the automation script.\n- [COMMAND_EXECUTION]: The skill configures a persistent task on macOS by creating a LaunchAgent plist file in
~/Library/LaunchAgents/and loading it withlaunchctl. This allows the script to run automatically at 8 AM daily.\n- [CREDENTIALS_UNSAFE]: The workflow asks the user for Intelligems API keys and Slack Webhook URLs, which are then stored in local configuration files (brands.jsonand.env).\n- [EXTERNAL_DOWNLOADS]: The skill installs common Python packages (requests,python-dotenv) from the official PyPI registry during setup.\n- [PROMPT_INJECTION]: The skill processes data from the Intelligems API and includes it in Slack messages, which represents a potential surface for indirect prompt injection.\n - Ingestion points: Data is fetched from
https://api.intelligems.io/v25-10-betainagency_digest.py.\n - Boundary markers: No specific delimiters or instructions are used to separate API data from the agent's logic.\n
- Capability inventory: The script has network access and is scheduled for recurring execution.\n
- Sanitization: The script does not perform validation or escaping of the content received from the API before sending it to Slack.
Audit Metadata