pp-fathom

Pass

Audited by Gen Agent Trust Hub on May 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the fathom-pp-cli tool using npx from the @mvanhorn NPM registry and go install from the vendor's GitHub repository.
  • [COMMAND_EXECUTION]: The skill operates by executing the fathom-pp-cli binary with various flags to perform meeting analysis and database management tasks.
  • [DATA_EXFILTRATION]: Contains built-in features to route meeting data to remote endpoints using the --deliver webhook:<url> flag and the feedback --send command.
  • [PROMPT_INJECTION]: The skill processes external data (meeting transcripts and summaries) that could contain adversarial instructions.
  • Ingestion points: Transcripts and summaries are retrieved from the Fathom API and processed by commands like recordings get-transcript (SKILL.md).
  • Boundary markers: No delimiters or safety instructions are defined to separate untrusted meeting content from agent instructions.
  • Capability inventory: The skill uses the Bash tool to execute a binary that can perform network requests and access local storage (SKILL.md).
  • Sanitization: The skill documentation does not mention any sanitization or validation of meeting content before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 27, 2026, 02:16 AM
Security Audit — agent-trust-hub — pp-fathom