meeting-machine
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs legitimate automated assistant functions, such as researching meeting attendees via connected tools (Gmail, CRM, Slack) and generating meeting agendas.
- [SAFE]: No obfuscation, multi-layer encoding, or hidden malicious instructions were found in the skill metadata or body.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its ingestion of untrusted data.
  - Ingestion points: Processes raw meeting notes and transcripts from external sources in 'Post-Step 1'.
  - Boundary markers: The instructions do not currently include explicit delimiters or 'ignore' instructions to prevent the agent from following commands embedded within meeting transcripts.
  - Capability inventory: The skill has the capability to write markdown files (Pre-Step 6), append to project notes (Post-Step 5), and draft emails (Post-Step 4).
  - Sanitization: There is no explicit sanitization or filtering of the transcript content described in the instructions.
- [SAFE]: The risk of indirect prompt injection is mitigated by the skill's workflow, which requires the agent to 'Draft only' for follow-up emails, ensuring a human-in-the-loop review before any external communication is sent.