insight-extractor

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted external text (e.g., livestream transcripts and meeting notes).
      • Ingestion points: As described in SKILL.md, the skill reads long-form text provided by the user or from external files.
      • Boundary markers: There are no explicit instructions or delimiters defined to prevent the AI from obeying commands that might be hidden within the text being analyzed.
      • Capability inventory: The skill is capable of writing the resulting analysis to the local filesystem in the workspace/insights/ directory.
      • Sanitization: The instructions do not include steps to sanitize or validate the input text for malicious instructions before processing.
  • [NO_CODE]: The skill consists entirely of instructional Markdown content and does not package any executable scripts or binaries, which significantly limits the risk of direct system exploitation or remote code execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 09:02 AM