internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is composed entirely of Markdown documentation and templates. No scripts, binaries, or configuration files capable of executing code are included in the package.
- [PROMPT_INJECTION]: The skill workflow defines a surface for indirect prompt injection because it instructs the agent to process data from external sources. * Ingestion points: The instructions in the
examples/directory direct the agent to read content from Slack, Google Drive, Email, and Calendar. * Boundary markers: The skill does not provide specific instructions to use delimiters or to ignore instructions embedded within the ingested data. * Capability inventory: The skill does not possess any high-risk capabilities, such as shell command execution, file system modification, or network requests to arbitrary domains. * Sanitization: No methods for validating or filtering the ingested content are defined in the provided guidelines.
Audit Metadata