Skills
skills/wadewarren/gws-claude-plugin/persona-exec-assistant/Gen Agent Trust Hub

persona-exec-assistant

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is identified as having an indirect prompt injection attack surface because it processes untrusted external data while possessing significant write capabilities.
  • Ingestion points: The instructions in SKILL.md direct the agent to ingest external content by triaging emails via gws gmail +triage and reviewing meeting descriptions through gws workflow +meeting-prep.
  • Boundary markers: The skill does not provide the agent with instructions to use boundary delimiters or to ignore potential instructions embedded within the retrieved data.
  • Capability inventory: The agent has access to capabilities that can affect external state, including sending emails via gws gmail +send and modifying calendar entries with gws calendar +insert.
  • Sanitization: There are no mechanisms described for sanitizing or validating external content before it is processed or acted upon by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 04:56 PM