spark-persona-meeting-manager
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and metadata do not contain any malicious patterns, obfuscation, or unauthorized access attempts.
- [DATA_EXFILTRATION]: The skill interacts with sensitive information including emails, contacts, and meeting transcripts. These operations are conducted through the 'spark' toolset as part of the skill's primary function. No evidence of data being transmitted to external or untrusted domains was found.
- [COMMAND_EXECUTION]: The skill utilizes the 'spark' CLI for specific tasks (e.g.,
spark search,spark draft). These commands are limited to the vendor's application scope and do not expose the system to arbitrary command injection or privilege escalation. - [PROMPT_INJECTION]: No instructional overrides, bypass attempts, or safety filter circumvention patterns were detected. The instructions maintain a consistent professional persona.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external content from email bodies and meeting transcripts, which is an inherent part of a meeting management tool.
- Ingestion points: Meeting summaries, transcripts, and email search results via 'spark' commands in SKILL.md.
- Boundary markers: The instructions do not explicitly define delimiters for untrusted content.
- Capability inventory: The skill has read access to communications and write access via
spark draft(which includes a user confirmation step). - Sanitization: No specific sanitization methods for the external content are described, but the risk is consistent with the intended use case of an email/meeting assistant.
Audit Metadata