knowledge-capture
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Category 8: Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted external data (transcripts and meeting notes) and transform them into structured documentation.
- Ingestion points: SKILL.md and documentation-types.md confirm the tool parses user-provided transcripts and notes.
- Boundary markers: None explicitly defined in the provided prompts to isolate instructions from data.
- Capability inventory: No subprocesses, network ops, or file-write capabilities are present in the provided skill files.
- Sanitization: Not present; the tool relies on LLM summarization.
- [Category 2: Data Exposure & Exfiltration] (LOW): The SKILL.md file mentions requirements for
NOTION_API_TOKEN. While this is a sensitive credential, it is listed as a configuration requirement for the user's environment and is not hardcoded or leaked in the skill itself.
Audit Metadata