team-meeting-summarize

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only meeting-minutes skill whose handling of notes and transcripts fits its purpose, though users should be careful with confidential meeting content.

Install only if you are comfortable having your agent process meeting content. Use it with notes, transcripts, or audio links you are authorized to share, redact secrets and unnecessary personal data, and review the generated minutes before distributing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly accepts meeting transcripts and audio file URLs, which commonly contain sensitive business, personal, or confidential information, but provides no guidance on privacy, consent, retention, access control, or safe handling. This creates a real privacy and data-protection risk because users may submit confidential content to downstream systems or external URLs without understanding the exposure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal