foundation-meeting-recap
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate meeting summarization tasks without any detected security violations. It utilizes local file access to reconcile agendas with transcripts, which is limited to the current working directory.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external transcripts (Zoom, Meet, Otter, Fireflies, etc.). However, the impact is minimal as the skill lacks high-risk capabilities such as network access or shell command execution.
- Ingestion points: Meeting transcripts and manual notes provided as input (described in
SKILL.md, Step 1). - Boundary markers: The skill uses structured formatting in
TEMPLATE.mdto separate different sections, but does not explicitly include 'ignore instructions' guards for transcript content. - Capability inventory: The agent reads existing local files (
*_{title}_agenda.md) and generates markdown content. No network operations or subprocess executions are invoked. - Sanitization: No content sanitization or instruction filtering is performed on the ingested transcript data.
Audit Metadata