paragon-skill
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references the installation of the @useparagon/connect package, which is the official software development kit for the platform.
- [PROMPT_INJECTION]: The skill facilitates the retrieval of data from external integrations that is then used in the agent's context, presenting a risk of indirect prompt injection.
  - Ingestion points: Integration data is fetched from services like Slack and Salesforce through ActionKit and Managed Sync endpoints as described in actionkit.md and managed-sync.md.
  - Boundary markers: The implementation guides for creating agent tools do not include delimiters or specific instructions to prevent the agent from following directions that might be contained within the retrieved records.
  - Capability inventory: Through the ActionKit and Proxy APIs, the skill provides the capability to perform various actions on the user's behalf across connected platforms.
  - Sanitization: The provided documentation does not demonstrate sanitization or filtering of the integration data before it is processed by the language model.
Audit Metadata