meeting-notes
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes external, potentially untrusted markdown transcripts from Google Meet.
- Ingestion points: Transcripts are ingested via the `Read` tool from the `Meeting notes/` directory (specifically files matching `*회의록.md`).
- Boundary markers: No explicit delimiters or boundary markers are defined to isolate transcript content from the agent's instructions.
- Capability inventory: The skill is limited to file system discovery (`Glob`), pattern matching (`Grep`), file reading/writing (`Read`, `Write`), and user interaction (`AskUserQuestion`). It does not possess network access or arbitrary command execution capabilities.
- Sanitization: The skill does not perform sanitization or escaping of the ingested text before summarization.
- Mitigation: The skill requires a 'User Review' phase using `AskUserQuestion` before any `Write` operations, ensuring a human-in-the-loop validates the output before it is persisted to disk.
Audit Metadata