internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
NO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown files and a license text file. No Python scripts, JavaScript files, shell scripts, or binary files are included in the skill package.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it is designed to summarize data from external sources.
  1. Ingestion points: Identified in SKILL.md and multiple example files, which instruct the agent to read from Slack messages, Google Drive documents, Emails, Calendar events, and External press.
  2. Boundary markers: The instructions provide no specific delimiters or warnings to ignore embedded instructions found within the source content.
  3. Capability inventory: The skill does not possess capabilities to execute subprocesses, write to the file system, or perform arbitrary network operations.
  4. Sanitization: There is no mention of input validation, sanitization, or filtering for the retrieved internal data.
Audit Metadata