transcribe
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- Persistence Mechanisms (HIGH): The skill's setup instructions suggest adding export commands to shell profiles (~/.bashrc, ~/.zshrc). This is a persistence technique that allows persistent configuration or code execution across all future terminal sessions.\n- Indirect Prompt Injection (LOW): The skill ingests data from external audio files. Ingestion point: Audio file content via transcription. Boundary markers: Absent. Capability inventory: The skill executes transcribe.sh and returns text to the agent. Sanitization: None. Transcribed text could contain malicious instructions designed to hijack the agent's logic.\n- No Code (SAFE): The file 'transcribe.sh' is required for the skill to function but is not included in the provided source files, preventing a full audit of the actual command logic.
Recommendations
- AI detected serious security threats
Audit Metadata