glean-insights

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the glean CLI, a vendor-provided tool from gleanwork, to fetch search analytics and platform usage metrics.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it retrieves and processes data originating from end-user search patterns.
      • Ingestion points: Analytics data containing user-generated search queries retrieved from the glean insights get command.
      • Boundary markers: None identified; the skill does not instruct the agent to use delimiters or ignore embedded instructions within the returned data.
      • Capability inventory: The skill provides the capability to execute shell commands (the glean tool) and process output with jq.
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the retrieved analytics data before it is ingested into the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 04:56 PM