sales-meeting-follow-up-plan

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified in the skill's instructions or implementation scripts.\n- [EXTERNAL_DOWNLOADS]: The included Python script (scripts/run.py) facilitates communication with the vendor's official API at ai-skills.ai. This is expected behavior for the skill's stated purpose and uses secure HTTPS connections.\n- [PROMPT_INJECTION]: The skill processes untrusted meeting data, which presents an attack surface for indirect prompt injection. However, the runner script has no dangerous local capabilities that would allow such an attack to compromise the user's environment.\n
  • Ingestion points: Meeting transcripts and files are ingested via the meetingNotesText and meetingNotesFile fields in references/form-schema.json.\n
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present.\n
  • Capability inventory: The runner script is restricted to making network requests to the vendor's API.\n
  • Sanitization: No client-side input sanitization is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:59 AM
Security Audit — agent-trust-hub — sales-meeting-follow-up-plan