discovery-calls
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior, bypass safety filters, or extract system prompts were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or network operations (curl, wget, fetch) were detected.
- [Unverifiable Dependencies & RCE] (NO_CODE): The skill contains only markdown files and does not use any package managers (pip, npm) or remote script downloads.
- [Indirect Prompt Injection] (LOW): The skill is designed to process meeting notes and transcripts (untrusted external data). However, because the skill has no 'write' or 'execute' capabilities (e.g., no subprocess calls or network exfiltration), the risk of an injection influencing anything beyond the agent's internal reasoning is negligible.
- [Obfuscation] (SAFE): All content is in plain-text markdown. No Base64, hidden Unicode characters, or encoded commands were identified.
Audit Metadata