meeting-briefing
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is vulnerable to instructions embedded in external data it processes.
- Ingestion points: Step 3 of SKILL.md lists Email, Chat (Slack/Teams), and Documents (Box/SharePoint) as data sources.
- Boundary markers: None are present; there are no instructions to use delimiters or ignore instructions within external data.
- Capability inventory: The skill possesses the capability to 'Distribute action items' via email and 'Update relevant systems' (CLM, risk registers).
- Sanitization: No input validation or sanitization routines are defined.
- [Data Exposure] (MEDIUM): The skill requires access to highly sensitive information including litigation status, board updates, and contracts. This broad access profile increases the impact of a potential compromise via the prompt injection surface.
Recommendations
- AI detected serious security threats
Audit Metadata