meeting-processor
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingests meeting transcripts and directly interpolates the content into LLM prompts within
scripts/extractors/leadgen.py,scripts/extractors/partnership.py,scripts/extractors/coaching.py, andscripts/detectors.py. - Ingestion points: Meeting transcripts are read from local files by
scripts/process.pyvia command-line arguments. - Boundary markers: No delimiters or isolation instructions are used to wrap the transcript content in the prompt templates.
- Capability inventory: The skill can modify files on the local file system by writing analysis results back to the transcript file using the
save_analysisfunction inscripts/process.py. - Sanitization: No sanitization or validation is performed on the transcript content before it is included in the prompts.
- [DATA_EXFILTRATION]: The skill transmits meeting transcript content to the Cerebras API (
api.cerebras.ai) for analysis. This is a standard operation for the skill's intended purpose and uses well-known AI infrastructure, but it involves sending user data to an external service.
Audit Metadata