internal-comms
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and summarize content from potentially untrusted external sources. \n
- Ingestion points: Processes data from Slack channels, Email threads, Google Drive documents, and External Press articles (documented in examples/3p-updates.md and examples/company-newsletter.md). \n
- Boundary markers: The instructions do not define specific delimiters or 'ignore instructions' directives for the data being processed. \n
- Capability inventory: The skill utilizes tools for reading Slack, Email, Calendar, and Documents, but does not involve high-risk operations such as arbitrary code execution, file system modifications, or unauthorized network operations. \n
- Sanitization: No explicit sanitization or validation of the ingested text is performed before it is used to generate the final communication outputs.
Audit Metadata