daily-meeting-update

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill processes untrusted data from external sources (GitHub PRs, Jira tickets) while possessing command execution capabilities.
      • Ingestion points: Output from gh and jira CLI tools.
      • Capability inventory: Executes gh, git, and jira commands; reads local files.
      • Boundary markers: None mentioned.
      • Sanitization: None mentioned.
  • [Data Exposure] (HIGH): The skill specifically accesses the ~/.claude/projects directory. This contains .jsonl files of Claude session history, which may include proprietary code, logic, and inadvertently exposed credentials or sensitive context.
  • [Command Execution] (MEDIUM): The skill relies on executing system commands (gh, git, jira) to function. While intended for data retrieval, these tools can be misused if the agent is manipulated via injection.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 09:21 AM