Post-Meeting Follow-Up Pack Builder
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on untrusted meeting transcripts and digests for generating follow-up communications and tasks.
- Ingestion points: Data enters the agent via the meeting_data and meeting_digest inputs in SKILL.md.
- Boundary markers: The skill does not implement boundary markers or instructions to disregard embedded commands within the meeting transcripts.
- Capability inventory: The skill possesses the ability to send emails, post Slack messages, and update CRM records.
- Sanitization: No explicit sanitization or validation of the ingested meeting content is performed before generating output artifacts.
Audit Metadata