Skills
skills/aahl/skills/qwen-asr/Gen Agent Trust Hub

qwen-asr

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Communicates with an external ASR service at https://qwen-qwen3-asr-demo.ms.show (ModelScope) to perform transcription inference.\n- [DATA_EXFILTRATION]: Reads local audio files provided via CLI arguments or standard input and transmits their content to the external ModelScope endpoint for processing.\n- [PROMPT_INJECTION]: Surface for indirect prompt injection via audio content. A spoken instruction within an audio file could be transcribed and subsequently interpreted as a command by the agent.\n
  • Ingestion points: scripts/main.py (reads audio from file path or stdin)\n
  • Boundary markers: Absent. The resulting transcription is returned to the agent without delimiters or safety warnings.\n
  • Capability inventory: scripts/main.py (reads local files and performs network POST/GET operations via aiohttp and gradio_client)\n
  • Sanitization: Absent. Transcribed text is returned raw without filtering for potential instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 12:04 PM