friday-brief

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • External Data Processing: The skill gathers information from external sources like PayPal and HubSpot to generate reports. While this is the intended functionality, processing data from external platforms is a potential surface for indirect prompt injection, where data could contain hidden instructions intended to influence the agent's behavior.
  • Human-in-the-Loop Safeguards: The skill includes explicit instructions to never automate the sending or posting of reports. By requiring a human reviewer to approve the output before any action is taken, it effectively mitigates the risk of the agent executing commands influenced by external data.
  • Injection Surface Details: The data ingestion occurs via the WebFetch and Read tools as defined in SKILL.md. Although specific boundary markers for this untrusted content are not explicitly mentioned, the mandatory approval gate acts as a robust control for the agent's capabilities.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 05:33 PM