talk-stage1-extract

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external source material such as articles, transcripts, and notes. This creates an indirect prompt injection surface where instructions embedded in the ingested data could attempt to influence the agent's behavior during the extraction process.
      • Ingestion points: Source file path or inline content defined in SKILL.md.
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within the source data.
      • Capability inventory: The skill utilizes 'Read' for input, 'Write' for output, and 'AskUserQuestion' for metadata collection.
      • Sanitization: No explicit sanitization, filtering, or validation of the ingested content is performed.
  • [COMMAND_EXECUTION]: The skill is configured with the 'Read' and 'Write' tools to interact with the file system. It relies on user-provided file paths for input material and specifies an output directory for summaries. While the behavior is consistent with the skill's purpose, the agent's access is determined by the permissions of the environment in which it executes.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 11:04 PM