monday-brief
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to save generated report files to the local Desktop directory. This is a legitimate use case for a reporting tool.
- [DATA_EXFILTRATION]: Business data is collected from internal connectors and can be sent to messengers. The skill correctly implements approval gates requiring user confirmation before external data sharing.
- [SAFE]: Static analysis flags for homoglyphs refer to standard Cyrillic characters used for localization in Russian. These characters are used appropriately within the context of the skill's resources.
- [SAFE]: The skill ingests untrusted data from messages and emails. While this provides a surface for indirect prompt injection, the risk is minimal given the skill's specific data-extraction purpose. (Ingestion: ~~почта, ~~мессенджер; Boundaries: None; Capabilities: Bash, WebFetch; Sanitization: None).
Audit Metadata