daily-meeting-update
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes standard developer tools including
gh auth status,git, andjirato gather context for the user's daily update. This is the intended behavior of the skill. - [DATA_EXPOSURE] (LOW): The skill reads from
~/.claude/projectsto retrieve local Claude Code session history. Accessing local history files is a minor data exposure risk, though the skill explicitly states that user consent is required before accessing this information. - [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from GitHub (commits, PR bodies) and Jira (ticket descriptions). An adversary could potentially influence the agent's summary by embedding instructions in these external platforms. Ingestion points: README.md (mentions GH/Jira data). Boundary markers: None mentioned. Capability inventory: No unsafe script execution, but it generates text output based on data. Sanitization: Not specified.
Audit Metadata