Back to skill

Security audit

ai-meeting-notes

Security checks across malware telemetry and agentic risk

Overview

This meeting-notes skill is not clearly malicious, but its setup and API key scope are much broader than meeting transcription and summarization.

Review before installing. Prefer manual setup limited to the needed chat or transcription workflow, use a restricted or budget-limited SkillBoss key if available, inspect the remote setup file before allowing one-command configuration, and avoid sending confidential or regulated meeting content unless external processing by SkillBoss and downstream model providers is approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill is presented as narrowly scoped to meeting notes, but its setup provisions a broad SkillBoss integration exposing hundreds of unrelated APIs and capabilities. This creates a scope mismatch that can cause over-privileged installation, unexpected data flows, and misuse beyond the user’s intended task.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
Advertising scraping, social data, email, image, and video capabilities in a meeting-notes skill introduces unnecessary breadth and may encourage agents or users to treat the skill as a general-purpose integration. That expanded capability surface increases the chance of unauthorized data handling or tasking outside the declared purpose.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger language 'USE THIS when the user needs ai meeting notes' is broad and underspecified, which can cause agents to invoke the skill automatically without checking whether external processing is appropriate. In a skill that sends potentially sensitive meeting content off-platform, ambiguous activation criteria materially increase privacy and data-governance risk.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill does not clearly warn users that meeting transcripts or notes will be sent to an external third-party API for processing. Because meeting content often contains confidential business, personal, or regulated information, lack of transparent disclosure undermines informed consent and can lead to serious privacy or compliance violations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.