summarize-meeting
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Detected a potential surface for Indirect Prompt Injection (Category 8). * Ingestion points: The skill ingests untrusted markdown data from
.research/meetings/transcripts/. * Boundary markers: Absent; the instructions lack clear delimiters (e.g., XML tags or triple-backticks) to separate the transcript data from the system instructions. * Capability inventory: The skill has the capability to write to local files (tasks.md) and make external tool calls to create GitHub Issues. * Sanitization: Absent; the instructions do not require the agent to sanitize, escape, or validate content extracted from the transcript before performing actions.
Audit Metadata