transcript-organizer
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill describes capabilities to read from local file paths (e.g.,
/path/to/transcript.txt), fetch content from external URLs, and write files to the user's filesystem (e.g.,~/Desktop/meeting-notes.md). These are functional capabilities for transcript management but represent a potential data exposure surface if used with sensitive paths. - [COMMAND_EXECUTION]: The skill instructs the agent to perform filesystem operations, including reading and writing files based on user-provided or inferred paths. This is a standard capability for its stated purpose but involves active manipulation of the local environment.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from transcripts, local files, and remote URLs.
- Ingestion points: User input text, local files, and URL content (SKILL.md, 'File Processing' section).
- Boundary markers: None present; the skill lacks delimiters or instructions to ignore embedded commands within the data being processed.
- Capability inventory: File system read/write access and network fetch capabilities (SKILL.md, 'File Processing' section).
- Sanitization: No specific technical sanitization or validation of input content is defined beyond a manual instruction to protect privacy.
Audit Metadata