miro-doc
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection within its document editing workflow.
- Ingestion points: The
doc_gettool (referenced in 'Editing Existing Documents') reads content from external Miro board URLs provided by the user. - Boundary markers: The skill instructions do not provide delimiters or "ignore embedded instructions" warnings for the agent when processing the content retrieved from the board.
- Capability inventory: The agent has the capability to modify board content via
doc_updateanddoc_create, which could be exploited if malicious instructions are present in the ingested document. - Sanitization: No sanitization or validation of the retrieved markdown content is performed before the agent interpolates it into its context for further actions.
Audit Metadata