meeting-transcript
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's architecture creates a surface for indirect prompt injection by processing untrusted data at runtime.
- Ingestion points: The skill accepts meeting transcripts or recording notes directly from users and instructs the 'context-enricher' sub-agent to check external content from GitHub issues and pull requests.
- Boundary markers: The instructions for the sub-agents lack explicit boundary markers (such as XML tags or unique delimiters) or instructions to disregard any embedded prompts within the transcript or GitHub content.
- Capability inventory: The skill utilizes an orchestrator and sub-agents with capabilities to read local filesystem notes/profiles, access the network to query GitHub, and write structured output to specific local project directories.
- Sanitization: No sanitization, filtering, or validation steps are defined for the content before it is processed by the LLM sub-agents.
Audit Metadata