process-transcript
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/parse-vtt.py) using the uv runner to process local VTT files.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of meeting transcript data.
  - Ingestion points: In Step 3, the agent is directed to read the Markdown files generated from transcripts in order to produce summaries and titles.
  - Boundary markers: The instructions do not define clear boundaries (such as XML tags or delimiters) around the transcript content, and they do not warn the agent to ignore commands embedded in it.
  - Capability inventory: The skill gives the agent the ability to read, write, and move files in the local filesystem, including sensitive areas like the Downloads folder.
  - Sanitization: No sanitization or filtering logic is applied to the transcript text to distinguish meeting dialogue from potential malicious instructions.
Audit Metadata