doc-briefing
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted content from external documents and URLs to generate summaries.
- Ingestion points: Content is ingested via WebFetch for URLs, specialized sub-skills for PDF and Word documents, and direct file reads for Markdown and Text files.
- Boundary markers: The instructions do not define specific delimiters or include directives for the model to ignore embedded instructions within the source material.
- Capability inventory: The skill possesses the capability to fetch web content and read local files, but lacks file-write or shell execution capabilities in the provided definition.
- Sanitization: No explicit instructions for sanitizing or validating ingested content are present.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the WebFetch utility to retrieve content from remote URLs provided by the user during the processing workflow.
Audit Metadata