podcast-generation
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection vulnerability by interpolating raw user input directly into model instructions.
- Ingestion points: The
promptvariable in the Python code snippet withinSKILL.mdallows untrusted external data to enter the agent context. - Boundary markers: No delimiters or safety instructions are used to separate user input from the model's narrator instructions, making the agent susceptible to embedded instructions.
- Capability inventory: The skill possesses the capability to generate and stream synthesized audio via a WebSocket connection to Azure OpenAI endpoints.
- Sanitization: The provided implementation lacks input validation or sanitization logic to filter potentially malicious text content.
Audit Metadata