transcript-search
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and process external meeting transcript data.
- Ingestion points: Transcripts are retrieved via GraphQL API in 'scripts/fireflies_transcript_search.py' and from Google Drive files in 'scripts/gdrive_transcript_search.py'.
- Boundary markers: The scripts do not implement specific delimiters or instructions to ignore embedded commands within the transcript content.
- Capability inventory: The skill has the capability to write files to the local '.tmp' directory and specified output paths, and it performs network operations to established service endpoints.
- Sanitization: Transcript data is processed and stored as raw text without escaping or validation.
Audit Metadata