Meeting Objection Tracker
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted data from meeting transcripts to identify patterns.
- Ingestion points: Meeting transcripts are ingested through the
get_meetings_for_periodaction and subsequent API calls to/api/insightsand/api/searchendpoints. - Boundary markers: The skill relies on semantic search queries and extraction rules to filter relevant content; it does not explicitly define structural delimiters (like XML tags) to separate transcript content from agent instructions.
- Capability inventory: The skill is granted
calendarandcrmcapabilities, which are used for data retrieval. It lacks dangerous capabilities such as file system writing, subprocess execution, or arbitrary network access. - Sanitization: The skill includes specific logic to distinguish between prospect objections and internal team dialogue or general questions, providing a layer of semantic filtering.
- [SAFE]: The skill uses platform-integrated tools and APIs for its operations.
- All data retrieval and analysis are performed via
execute_actionor relative API paths (e.g.,/api/search,/api/insights), which are part of the trusted platform environment. - There are no references to external third-party domains, hardcoded credentials, or unauthorized data exfiltration patterns.
Audit Metadata