Skills
skills/apocohq/skills/meeting-minutes/Gen Agent Trust Hub

meeting-minutes

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill allows downloading meeting transcripts from arbitrary user-provided URLs using curl into a local temporary directory for processing.
  • [COMMAND_EXECUTION]: Employs bash commands for directory management, file discovery, and executing a bundled Python script via uv run to strip metadata from transcripts.
  • [PROMPT_INJECTION]: Processes potentially untrusted meeting transcript content through a multi-stage subagent pipeline to generate summaries.
  • Ingestion points: Local .vtt files in common directories or remote URLs specified by the user.
  • Boundary markers: None; the transcript text is passed to subagents without explicit delimiters or instructions to ignore embedded commands.
  • Capability inventory: Shell command execution (curl, ls, rm) and Python execution via uv.
  • Sanitization: Removes VTT metadata and provides explicit instructions for subagents to filter out inappropriate content and conversational noise.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 06:28 PM