internal-comms

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface detected across multiple guideline files.
      • Ingestion points: The files examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md explicitly instruct the agent to gather data from external, untrusted sources including Slack messages, Google Drive documents, Emails, and Calendar events.
      • Boundary markers: The skill fails to provide any delimiters or instructions for the agent to ignore potentially malicious commands embedded within the fetched data (e.g., a Slack message containing a hidden instruction to leak data).
      • Capability inventory: Although the skill itself contains no code, it utilizes the agent's broad read/write capabilities across enterprise tools to aggregate and summarize information.
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the content retrieved from external tools before it is processed by the LLM and presented to the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:16 PM