meeting-report
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted content from external .vtt and .csv files provided by the user.
  - Ingestion points: The full content of transcription and attendance files is read into the agent context using the Read tool in Step 1.
  - Boundary markers: No boundary markers or instructions to ignore embedded commands are used when transcript content is interpolated for synthesis.
  - Capability inventory: The skill has access to Bash and Write tools, which are used for filesystem management and file creation.
  - Sanitization: No sanitization, validation, or escaping is applied to the ingested transcript data before the synthesis process.
- [COMMAND_EXECUTION]: The skill uses the Bash tool for benign administrative tasks, such as verifying the existence of target directories in the repository and checking for existing files to avoid overwriting content.
Audit Metadata