MeetGeek
v1.0.1Query MeetGeek meeting intelligence from CLI - list meetings, get AI summaries, transcripts, action items, and search across all your calls with natural language.
⭐ 1· 2.1k·1 current·1 all-time
byShvz@nexty5870
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The SKILL.md describes CLI usage of the meetgeek-cli tool (list, summary, transcript, search) which matches the skill name and description. However, the skill metadata declares no runtime dependencies while the instructions require Node (npm) and the tool meetgeek-cli; this metadata omission is inconsistent but not malicious.
Instruction Scope
Instructions are narrowly scoped to installing meetgeek-cli, running its commands, and using its interactive auth flow. They reference storing an API key in ~/.config/meetgeek/config.json and optionally saving transcripts to user-specified files — both expected for a CLI. No unexpected data exfiltration or external endpoints beyond the official CLI are referenced.
Install Mechanism
There is no install spec in the skill bundle (instruction-only). The SKILL.md directs the user to run 'npm install -g meetgeek-cli' which pulls code from the public npm registry — a normal approach but higher risk than pure instruction-only because it installs third-party code at runtime. The bundle itself does not download arbitrary URLs or include extract steps.
Credentials
The skill declares no required environment variables or primary credential, yet the CLI requires an API key which the SKILL.md says is stored at ~/.config/meetgeek/config.json via 'meetgeek auth'. The absence of a declared primary credential or a required config path in the metadata is an omission to be aware of; the credential request is proportionate to the skill's purpose but is stored locally (check file permissions).
Persistence & Privilege
The skill does not request always:true and does not declare system-wide changes. It includes a small wrapper (meetgeek.sh) that sources ~/.nvm/nvm.sh and switches to Node 22 before exec'ing the meetgeek binary; this is limited to ensuring the right node version and does not modify other skills or global agent settings.
Assessment
This skill is a thin wrapper and documentation for the community meetgeek-cli tool; it appears coherent with that purpose. Before installing: 1) Verify the meetgeek-cli package and its GitHub repo (https://github.com/nexty5870/meetgeek-cli and the npm page) to ensure you trust the publisher and review recent changes. 2) Ensure Node/npm (and optionally nvm) are installed — the wrapper expects ~/.nvm/nvm.sh and Node 22. 3) Be aware the MeetGeek API key will be stored in ~/.config/meetgeek/config.json — inspect that file and set restrictive permissions (chmod 600). 4) If you allow autonomous agent invocation, remember the agent could run the CLI and use any stored API key; consider limiting autonomous access or reviewing logs. 5) If you need higher assurance, run the CLI in a controlled environment (container or VM) and audit network activity when first authenticating.Like a lobster shell, security has layers — review code before you run it.
latestvk97d3vcy94msq4mnxzns2b9kq97ypdw3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.