deepgram-transcription

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (SAFE): The scripts/transcribe.py script invokes ffmpeg using subprocess.run with a list of arguments rather than a shell string. This implementation successfully prevents shell injection vulnerabilities during the audio extraction phase.
  • DATA_EXFILTRATION (LOW): The script transmits data to api.deepgram.com. Because this domain is not included in the predefined whitelist, it is flagged as a network exposure risk, although the traffic is necessary for the skill's primary transcription function.
  • CREDENTIALS_UNSAFE (LOW): The design requires the Deepgram API key to be provided as a command-line argument (--api-key). This practice can expose the sensitive token to local process monitoring tools or shell history files.
  • PROMPT_INJECTION (LOW): The skill provides an attack surface for indirect prompt injection by processing external media files into text transcripts.
    1. Ingestion points: media files processed by scripts/transcribe.py.
    2. Boundary markers: none are used in the resulting _transcript.txt file.
    3. Capability inventory: the script has access to subprocess.run, requests.post, and file-system write operations.
    4. Sanitization: the transcription output is saved directly to disk without validation or escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:06 PM