acestep-lyrics-transcription

Warn

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary logic is contained within a Bash script that orchestrates tool calls to curl, jq, and python.
  • [REMOTE_CODE_EXECUTION]: The script dynamically generates and executes Python code using the python -c flag to convert transcription data into LRC and SRT formats. Specifically, file paths (including user-controlled output paths) are interpolated directly into the Python source string without escaping. This could allow for arbitrary Python code execution if an output path containing single quotes is used.
  • [CREDENTIALS_UNSAFE]: The skill requires users to store sensitive API keys for OpenAI and ElevenLabs in a local file (scripts/config.json). While the script includes logic to mask these keys in command output, they are stored in plain text on the disk.
  • [DATA_EXFILTRATION]: Audio data is transmitted to official APIs from OpenAI and ElevenLabs. These are recognized as well-known and trusted technology services, and the data transmission is documented neutrally as part of the skill's intended functionality.
  • [PROMPT_INJECTION]: The skill processes transcription results from external APIs and instructs the agent to correct the lyrics, creating an attack surface for indirect prompt injection.
      (1) Ingestion points: Reads transcribed LRC/SRT/JSON files and original lyrics JSON.
      (2) Boundary markers: Absent; no delimiters or ignore-instructions warnings are used during data processing.
      (3) Capability inventory: The agent has access to Bash (permitting network and system commands), Read, and Write tools.
      (4) Sanitization: No sanitization is performed on the transcribed content before the agent processes it for correction.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 26, 2026, 06:22 AM