secondbrain-transcribe

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface, as it ingests and processes untrusted meeting transcripts from external providers.
    • Ingestion points: Meeting transcript data is retrieved via client.get_transcript() and client.get_summary() in SKILL.md (Step 3).
    • Boundary markers: The skill does not define explicit delimiters or 'ignore embedded instructions' warnings for the transcript text before processing.
    • Capability inventory: The skill has the capability to write markdown files to docs/discussions/, update monthly YAML records in .claude/data/discussions/, and initiate the /secondbrain-adr skill workflow.
    • Sanitization: No sanitization or content validation is performed on the transcript text before the agent uses it to identify architectural decisions or generate discussion summaries.
  • [COMMAND_EXECUTION]: The skill's instructions include Python snippets that modify the system path using sys.path.insert(0, '.claude/lib') to load the FirefliesClient from a local directory within the user's project structure.
  • [DATA_EXFILTRATION]: The skill communicates with the official Fireflies.ai API domain (api.fireflies.ai) to fetch meeting data, using an API key retrieved from local environment variables or configuration files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 1, 2026, 08:05 AM