Post-Meeting Follow-up Drafter
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted meeting data to generate external communications.\n
- Ingestion points: The
contextinput inSKILL.mdaccepts meeting digests or summaries which may contain adversarial instructions.\n - Boundary markers: The prompt instructions do not explicitly define delimiters to separate untrusted meeting content from the system instructions.\n
- Capability inventory: The skill uses
emailandmessagingcapabilities to draft and send communications via theexecute_actiontool calls defined inSKILL.md.\n - Sanitization: The risk is significantly mitigated by a mandatory human-in-the-loop approval workflow (
approval_required: true), ensuring a user reviews all drafts before they are sent.
Audit Metadata