roberts-rules
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process external data, specifically previous meeting minutes (`minutes_from`) and agenda items. These inputs represent an attack surface where a malicious user or document could embed instructions aimed at overriding the meeting's procedural rules or the agent's reasoning during the debate stage.
  - Ingestion points: YAML fields `minutes_from` and `agenda` in `MEETING.yml` or similar meeting files.
  - Boundary markers: None identified. The skill lacks explicit instructions to ignore embedded commands within the ingested data.
  - Capability inventory: The skill is permitted to use `read_file` and `write_file`. While it lacks network or code execution capabilities, an injection could still result in unauthorized file modifications (e.g., falsifying meeting minutes) or influence downstream decision-making.
  - Sanitization: No evidence of input validation or sanitization for the content of meeting minutes or agenda items.