sales-speakwise
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides documentation and troubleshooting steps for the Speakwise platform, an iOS-native meeting assistant. It guides users through setup, recording best practices, and Notion integration. No evidence of unauthorized data exfiltration, hardcoded credentials, or malicious remote code execution was found.
- [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface through its use of the references/learnings.md file to maintain state and knowledge across sessions. This mechanism allows content from previous interactions to influence the agent's instructions in future invocations.
- Ingestion points: references/learnings.md is read during the initialization phase (Step 1) to provide context for the current session.
- Boundary markers: No explicit delimiters or instructions are used to isolate potentially untrusted content in the learnings file from the system's core instructions.
- Capability inventory: The skill has the capability to read and append new information to the references/learnings.md file based on findings during the session.
- Sanitization: No sanitization or validation of the data appended to the learnings file is described, allowing for the potential storage of malicious instructions.
Audit Metadata