Security Audit
meeting-insights-analyzer
github.com/ComposioHQ/awesome-codex-skills
Trust Assessment
meeting-insights-analyzer received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Excessive File System Read Permissions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 16, 2026 (commit ccf6204f). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Excessive File System Read Permissions. The skill explicitly instructs the LLM to 'Scan the folder for transcript files' and subsequently read their content to 'Check if files contain speaker labels and timestamps', 'Confirm the date range of meetings', and 'Identify the user's name/identifier in transcripts'. This grants the LLM broad file system read access within a user-specified directory. While intended for benign analysis, this capability could be misused to access sensitive data outside the intended scope if the underlying execution environment is not strictly sandboxed, or if a malicious prompt could trick the LLM into reading unintended files (e.g., configuration files, private keys, or other sensitive documents present in the same or parent directories). Implement strict access controls for file system operations. Instead of granting the LLM direct file system access, provide a dedicated, sandboxed tool or API for file listing and reading. This tool should enforce strict path validation, only allow access to explicitly provided files or a very specific, user-confirmed directory, and prevent directory traversal (e.g., `../`). Ensure the LLM cannot access system files or files outside the designated data directory. | LLM | SKILL.md:69 |