skills/flora131/atomic/intercom/Gen Agent Trust Hub

intercom

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for using terminal multiplexing tools such as cmux and tmux to manage multiple agent sessions. This includes automated commands for creating terminal splits and sending strings (which can be shell commands) to those sessions to orchestrate complex workflows. This behavior is consistent with the skill's primary purpose of session coordination.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of data from other agent sessions through the intercom tool (actions: ask, pending, reply). This establishes a surface for indirect prompt injection, where instructions contained within messages from a peer session could potentially influence the behavior of the receiving agent.
  • Ingestion points: Inbound messages delivered as the output of intercom tool calls in SKILL.md.
  • Boundary markers: The skill does not prescribe specific delimiters or instructions to treat peer-provided content as untrusted data.
  • Capability inventory: The skill enables shell command execution via multiplexers and the sharing of code snippets via attachments.
  • Sanitization: No explicit content sanitization or validation of incoming messages is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 05:41 PM
Security Audit — agent-trust-hub — intercom