Skills
skills/assemblyai/assemblyai-skill/assemblyai/Gen Agent Trust Hub

assemblyai

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install the official assemblyai SDKs for Python and JavaScript/TypeScript. It also includes integrations for well-known voice agent frameworks such as livekit-agents and pipecat-ai.
  • [COMMAND_EXECUTION]: Documentation provides standard curl examples for interacting with the AssemblyAI REST API endpoints, which is expected for an API-focused skill.
  • [CREDENTIALS_UNSAFE]: The skill correctly uses placeholders like YOUR_API_KEY in examples and explicitly advises users to manage secrets using environment variables (e.g., process.env.ASSEMBLYAI_API_KEY).
  • [PROMPT_INJECTION]: The skill addresses the attack surface of indirect prompt injection when processing untrusted audio data. It mitigates this risk by providing examples that use XML-style boundary markers (e.g., <transcript>) to isolate untrusted content from system instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 03:56 AM