meeting-prep
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): Vulnerability to indirect prompt injection identified. Ingestion points: Untrusted data is incorporated via the 'gong_calls' and 'support_tickets' fields. Boundary markers: The template lacks delimiters (e.g., XML tags or clear separators) to isolate external data from the skill's instructions, creating a surface where malicious content in transcripts could influence the AI's behavior. Capability inventory: The skill generates analysis and talking points; no shell access or script execution is enabled. Sanitization: No sanitization or validation of the input strings is performed before interpolation.
- No Code (SAFE): No executable scripts, shell commands, or external package dependencies were detected in this skill.
Audit Metadata