clockwork-daily-digest
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [DATA_EXFILTRATION]: The skill collects and summarizes sensitive employee performance data, including missing work hours and policy violations, and distributes it via email to defined member and administrator groups.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because it processes data from external systems.
- Ingestion points: Data is loaded from compliance logs, alert router logs, and Jira search results via the mcp-atlassian tool.
- Boundary markers: The skill does not define any delimiters or markers to isolate ingested data from the agent's instructions.
- Capability inventory: The agent has the capability to send emails via the Gmail MCP and search for data in Jira.
- Sanitization: There are no instructions for sanitizing or validating the data retrieved from external sources before it is processed or shared.
- [NO_CODE]: This skill consists entirely of Markdown configuration and workflow instructions and does not include any executable code or scripts.
Audit Metadata