meeting-brief-generator

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing untrusted data from the web.
      • Ingestion points: Untrusted data enters the agent context via Tavily API search results in SKILL.md (Step 3).
      • Boundary markers: The search results are interpolated into a string within a JSON payload for the Gemini API (SKILL.md Step 4) without robust delimiters or explicit instructions to ignore embedded commands in the source data.
      • Capability inventory: The skill uses curl for API requests and has the ability to write output to a Notion database.
      • Sanitization: There is no evidence of sanitization or filtering of the external search content before it is processed by the Gemini model.
  • [COMMAND_EXECUTION]: The skill uses curl to interact with official APIs for Tavily, Google Gemini, and Notion. These operations are performed using environment variables for authentication and target well-known service endpoints.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 03:08 PM
Security Audit — agent-trust-hub — meeting-brief-generator