voice-note-ingest
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill exhibits standard behavior for a data ingestion tool. It defines clear triggers, input processing pipelines, and structured output formats without any evidence of malicious intent or dangerous patterns.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input in the form of voice note transcripts and has the capability to write and modify files across multiple directories. This creates a surface for indirect prompt injection, which is addressed through structural isolation.
- Ingestion points: Audio transcripts processed in the 'The pipeline' section of
SKILL.md. - Boundary markers: The skill mandates the use of block quotes and a dedicated "User's Words" section to isolate the raw transcript from the agent's interpretation.
- Capability inventory: The skill has permissions to write and update pages in directories such as
originals/,concepts/,people/, andcompanies/. - Sanitization: The skill relies on structural markdown delimiters; no explicit programmatic sanitization of the transcript content is mentioned.
Audit Metadata