voice-note-ingest

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill exhibits standard behavior for a data ingestion tool. It defines clear triggers, input processing pipelines, and structured output formats without any evidence of malicious intent or dangerous patterns.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input in the form of voice note transcripts and has the capability to write and modify files across multiple directories. This creates a surface for indirect prompt injection, which is addressed through structural isolation.
  • Ingestion points: Audio transcripts processed in the 'The pipeline' section of SKILL.md.
  • Boundary markers: The skill mandates the use of block quotes and a dedicated "User's Words" section to isolate the raw transcript from the agent's interpretation.
  • Capability inventory: The skill has permissions to write and update pages in directories such as originals/, concepts/, people/, and companies/.
  • Sanitization: The skill relies on structural markdown delimiters; no explicit programmatic sanitization of the transcript content is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 03:35 PM
Security Audit — agent-trust-hub — voice-note-ingest