meeting-followup
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, credentials, or unauthorized network operations were detected. The skill operates within the expected scope of a business automation tool.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from email bodies and meeting transcripts. This is a characteristic of the skill's intended functionality to summarize external communications.
- Ingestion points: Meeting transcripts via
get_meeting_transcriptand email bodies viagmail_read_threadin SKILL.md. - Boundary markers: Absent. The skill does not instruct the agent to ignore instructions embedded in the retrieved content.
- Capability inventory: The agent has capabilities to write files to the
revops/customers/directory and create email drafts viagmail_create_draftas described in SKILL.md. - Sanitization: Absent. There are no instructions to sanitize or escape the content retrieved from external sources before processing it into drafts or local files.
Audit Metadata