Skills
skills/ravnhq/ai-toolkit/transcript-notes/Gen Agent Trust Hub

transcript-notes

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted content from external transcript files without utilizing boundary markers or explicit instructions to ignore embedded commands.
  • Ingestion points: Reads user-supplied transcript files (e.g., .txt files in transcripts/ directory) as described in the workflow section of SKILL.md.
  • Boundary markers: Absent; there are no instructions to the agent to distinguish between the meeting content and the agent's internal processing logic, which could allow malicious instructions within a transcript to influence agent behavior.
  • Capability inventory: The agent has the ability to read from the file system, create directories (notes/{series-slug}/), and write markdown files (Workflow Step 3 in SKILL.md).
  • Sanitization: No sanitization or validation of the transcript content is mentioned prior to processing or writing the output.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 06:26 PM