gtm-alignment
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill ingests data from external Notion databases. While it lacks explicit boundary markers for the data it processes, it does not possess any exploitable capabilities such as file system access or arbitrary command execution. * Ingestion points: Notion database queries via 'user-notion' MCP server in Phase 1 and Phase 2. * Boundary markers: Absent. * Capability inventory: Data mapping, table generation, and scoring logic only. * Sanitization: None.
- Data Exposure (SAFE): The skill contains hardcoded Notion Database IDs. These serve as resource identifiers for specific databases and do not constitute sensitive credentials like API keys or access tokens.
Audit Metadata