Skills
skills/devxoul/agent-messenger/agent-channeltalkbot/Gen Agent Trust Hub

agent-channeltalkbot

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes data from external Channel Talk chat sessions.
  • Ingestion points: Data enters the agent's context through snapshot, message list, and chat list commands as described in SKILL.md and references/common-patterns.md.
  • Boundary markers: There are no instructions requiring the agent to wrap untrusted chat content in delimiters or to ignore embedded instructions within processed messages.
  • Capability inventory: The agent has access to Bash(agent-channeltalkbot:*), which includes tools for sending messages, creating/deleting bots, and closing conversations.
  • Sanitization: No sanitization or validation of external message content is performed before the data is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 02:08 AM