asana

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): Automated scanner (URLite) detected a malicious phishing URL in the Teams documentation. Evidence: Finding detected in Teams.md (URL:Phishing|UR456A4C66AEF66555-0200|urlb).
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted content from an external platform.
    • Ingestion points: Operations such as getTask, getStoriesForTask, and getAuditLogEvents pull data (e.g., task descriptions and comments) from the Asana API into the agent's context.
    • Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions to prevent the agent from obeying commands embedded in this data.
    • Capability inventory: The skill documentation covers numerous write operations including createTask, deleteTask, and createWebhook, which could be abused.
    • Sanitization: No sanitization or validation of API response content is recommended in the documentation.
  • [DATA_EXFILTRATION] (LOW): The skill makes network requests to app.asana.com, which is a non-whitelisted domain for security auditing purposes.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:39 PM