internal-comms
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is comprised entirely of Markdown guidelines and configuration files. It lacks any scripts, binary files, or shell commands that could be executed.
- [PROMPT_INJECTION]: The skill instructions facilitate an indirect prompt injection surface by directing the agent to process data from potentially untrusted external inputs (Slack, Email, Documents) to produce summarized outputs.
- Ingestion points: Slack channels, Google Drive documents, Email messages, and Calendar events (specified in examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md).
- Boundary markers: Absent. The instructions do not provide delimiters or warnings to the agent regarding potential embedded instructions in the source data.
- Capability inventory: The skill instructs the agent to use tools for reading internal communications and documents but does not involve write-back or external network capabilities within its own logic.
- Sanitization: Absent. There is no instruction for the agent to filter or sanitize the retrieved content before using it in drafts.
Audit Metadata