Skills
skills/unblocked/skills/unblocked-data-retrieval/Gen Agent Trust Hub

unblocked-data-retrieval

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data from external, potentially untrusted sources including Jira issues, Slack channels, and pull requests. This creates a surface for indirect prompt injection where instructions embedded in those platforms could influence agent behavior.
  • Ingestion points: data_retrieval calls fetching content from Jira (issues), Slack (messages/threads), and GitHub (PR details).
  • Boundary markers: The skill does not explicitly define delimiters for the retrieved content, though it relies on the tool's structured output.
  • Capability inventory: The agent can execute tool calls (data_retrieval, listTools) and may fall back to CLI tools (gh, jira) if available.
  • Sanitization: No explicit sanitization or instruction-filtering logic is provided within the skill for the retrieved data.
  • [COMMAND_EXECUTION]: The skill mentions falling back to GitHub/Jira CLIs if primary tools are unavailable. This is a standard administrative capability and is used here in a fallback capacity for legitimate record lookup tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 10:37 AM
Security Audit — agent-trust-hub — unblocked-data-retrieval