meeting-prep

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes unverified data from external sources during the research phase.
  • Ingestion points: The skill fetches external data via the company-intel and person-lookup tools, specifically reading LinkedIn profiles, recent posts, and company news.
  • Boundary markers: No delimiters or instructions to 'ignore embedded instructions' are present in the 'Briefing Generation' or 'Assemble Briefing' steps to separate untrusted external data from the skill's logic.
  • Capability inventory: The skill has read access to sensitive internal files like memory/pipeline.json and MEMORY.md, and it can execute commands via orth run for calendar management.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the content retrieved from LinkedIn or external web searches before it is interpolated into the briefing template.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — meeting-prep