transcript-cleanup
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes raw transcript content which could contain malicious instructions designed to hijack the agent's logic during the text cleaning phase.
  - Ingestion points: Reads all .txt files in the output/ directory (SKILL.md, Step 1).
  - Boundary markers: Extracts content under specific headers (Step 2) but does not instruct the agent to ignore instructions embedded within the transcription text.
  - Capability inventory: Access to Write tool and Bash tool for system operations (frontmatter).
  - Sanitization: Applies formatting and linguistic cleanup rules (Step 4) but lacks logic to detect or neutralize adversarial prompts.
- [COMMAND_EXECUTION]: The skill constructs and executes Bash commands using strings derived from file metadata and external tool outputs.
  - Ingestion points: Filenames from the output/ directory are used to build find and mv commands (SKILL.md, Step 8).
  - Boundary markers: None; filenames are directly interpolated into shell command strings.
  - Capability inventory: Uses Bash tool to execute date, find, mv, and rm commands.
  - Sanitization: No sanitization is performed on the filenames. If a file in the output/ directory is maliciously named with shell metacharacters, it could lead to arbitrary command execution when the find command is invoked in Step 8.
Audit Metadata