meeting-notes-and-actions
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted meeting transcripts, which creates a surface for indirect prompt injection. However, the lack of powerful capabilities like file writing or network access mitigates the risk.
- Ingestion points: Meeting transcripts or rough notes provided via text or file path (defined in SKILL.md).
- Boundary markers: Absent; the workflow does not define specific delimiters to isolate user-provided data from system instructions.
- Capability inventory: No scripts, subprocesses, file-write operations, or network requests are present in this skill.
- Sanitization: None; the 'normalize text' step focuses on formatting and cleaning filler words rather than security sanitization.
Audit Metadata