process-meeting-notes
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from meeting transcripts (via Fireflies or manual entry) and user-provided URLs, which could contain instructions intended to influence the agent's behavior during issue creation or file writing.
  - Ingestion points: Meeting transcripts are fetched via Fireflies MCP tools or provided by the user as text or URLs in `workflows/create-issues-from-notes.md` and `workflows/process-recent-meeting.md`.
  - Boundary markers: The instructions do not define clear boundaries or 'ignore' commands for the content being processed to prevent the agent from obeying embedded instructions.
  - Capability inventory: The skill possesses the capability to create GitHub issues (`gh issue create`), modify project boards (`gh project item-add`), and write files to the local filesystem.
  - Sanitization: Content is parsed for action items using natural language instructions without programmatic sanitization, though the risk is mitigated by mandatory user confirmation steps before performing GitHub actions.
- [EXTERNAL_DOWNLOADS]: In `workflows/create-issues-from-notes.md`, the agent is instructed to fetch notes from a user-provided URL. This involves network operations to retrieve untrusted content that is subsequently processed by the agent.
Audit Metadata