Skills
skills/dedalus-erp-pas/hexagone-foundation-skills/meeting-report/Gen Agent Trust Hub

meeting-report

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of external data files.
  • Ingestion points: The skill reads .vtt transcripts and .csv attendance reports provided in the user prompt (documented in SKILL.md workflow steps 1 and 3).
  • Boundary markers: Absent. There are no instructions to use delimiters or specific prompt engineering to isolate untrusted transcript content from the agent's core instructions.
  • Capability inventory: The agent has access to Write for file system modification and Bash for system state discovery (e.g., git remote -v, ls).
  • Sanitization: The instructions lack requirements for sanitizing or escaping the content extracted from the transcript files before incorporating them into the generated report.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 11:58 AM