speaking

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and processes untrusted data from external emails.
      • Ingestion points: Content is retrieved from Gmail using the gog gmail read command in SKILL.md.
      • Capability inventory: The skill can write to local markdown files in /Users/steipete/Projects/conferences and modify a remote Google Sheet.
      • Boundary markers: No delimiters or specific instructions to treat email content strictly as data are present.
      • Sanitization: There is no evidence of sanitization or validation of the email content before it is used to generate or update records.
  • [COMMAND_EXECUTION]: The skill executes the gog CLI tool to perform data operations across Google services. This involves reading personal communications (Gmail), calendar events, and updating spreadsheets. The tool is used as an interface for the agent to interact with user-authorized data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 06:37 AM