MeetGeek
PassAudited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill Name: meetgeek Version: 1.0.1 The skill bundle is benign, providing a wrapper script and documentation for the `meetgeek-cli` tool. It instructs the agent to install the tool via `npm install -g meetgeek-cli` and then use it, ensuring a specific Node.js version with `nvm use 22`. All commands and instructions in `SKILL.md` are directly aligned with the stated purpose of querying MeetGeek meeting intelligence, including handling API keys and exporting transcripts to files. There is no evidence of prompt injection attempts, data exfiltration, malicious execution, persistence mechanisms, or obfuscation within the provided files. The potential risk lies solely with the external `meetgeek-cli` npm package itself, which is outside the scope of this skill bundle's analysis.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or anything using the configured CLI may be able to retrieve meeting information available to that API key.
The skill requires a MeetGeek API key and stores it locally so the CLI can access the user's MeetGeek account data. This is expected for the integration, but it is sensitive account authority.
meetgeek auth # Interactive API key setup Get your API key from: MeetGeek → Integrations → Public API Integration ... API key stored in: `~/.config/meetgeek/config.json`
Use an API key only for an account you intend the agent/CLI to access, protect the config file, and run `meetgeek auth --clear` when access is no longer needed.
Meeting text may be displayed to the agent, terminal, or saved files, making sensitive call content easier to expose or reuse unintentionally.
The skill retrieves and searches meeting transcripts and summaries, which can contain private business, personal, or customer information. This is core to the stated purpose but broad enough that users should treat outputs carefully.
Get full transcript ... Search across all recent meetings meetgeek ask "what did we discuss about the budget" ... Transcripts include speaker names and timestamps
Prefer meeting-specific queries when possible, avoid requesting unnecessary private transcripts, and handle exported transcript files as sensitive documents.
Installing the npm package gives that CLI code local execution ability and access to the configured MeetGeek API key.
The skill relies on installing an external global npm CLI. This is normal for a CLI integration, but users are trusting that package in addition to the small wrapper included in the artifact.
npm install -g meetgeek-cli
Install from the linked package/source you trust, consider pinning a known version, and review package provenance before configuring the API key.