organizing-meeting-reports
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions that explicitly grant user requirements the highest priority ("用户要求优先级最高"), which could allow a user to override the skill's logic or safety constraints by providing conflicting instructions within the input.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes external, untrusted data (meeting transcripts and .srt files) and incorporates it into its reasoning process without adequate security boundaries.
- Ingestion points: Meeting materials, documents, and transcript files provided by the user (SKILL.md).
- Boundary markers: The skill lacks explicit delimiters or instructions to treat the ingested meeting data as untrusted text.
- Capability inventory: The agent is instructed to access and analyze the current code repository and workspace context to enrich the report when specific signals are found (SKILL.md).
- Sanitization: There is no mention of sanitizing or filtering the input data before processing.
- [NO_CODE]: The skill is composed entirely of natural language instructions and markdown templates, containing no scripts, binaries, or external code dependencies.
Audit Metadata