Skills
skills/readdle/spark-cli-skills/spark-recipe-meeting-prep/Gen Agent Trust Hub

spark-recipe-meeting-prep

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process untrusted data from external sources.
  • Ingestion points: Data enters the agent context through spark search (email bodies) and spark meeting (transcripts and notes) as described in SKILL.md.
  • Boundary markers: The instructions do not define clear delimiters or specific instructions for the agent to ignore potentially malicious content within the retrieved emails or transcripts.
  • Capability inventory: The skill utilizes spark command-line tools to read emails, contacts, and calendar data. No file-writing, arbitrary shell execution, or external network operations (outside of the core tool's function) were detected.
  • Sanitization: There is no evidence of content sanitization or validation performed on the email bodies or meeting transcripts before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 11:19 AM