internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill instructions create a surface for Indirect Prompt Injection by directing the agent to process potentially untrusted organizational data.
- Ingestion points: Slack messages, Google Drive documents, and emails (identified in
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.md). - Boundary markers: Absent. The prompts do not specify delimiters or provide instructions to ignore commands embedded within the retrieved data.
- Capability inventory: The agent is empowered to read and summarize sensitive organizational information, including vision documents and executive announcements.
- Sanitization: Absent. No filtering or validation of the retrieved content is mentioned.
- [No Code] (SAFE): No executable scripts or binary files were found in the skill package; the logic is contained entirely within markdown-based prompt instructions.
Audit Metadata