transcribe-audio
Fail
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The instructions in 'SKILL.md' (Step 2) direct the agent to build and run a 'whisperx' shell command using values read from 'libraries/settings.yaml' and 'library.yaml' without sanitization.
- Evidence: The command template 'whisperx ... --language [mapped language code] --model [whisper_model from settings]' directly interpolates file-derived content into a shell execution context.
- Risk: If an attacker places shell metacharacters (such as semicolons, backticks, or pipes) inside the 'whisper_model' or 'language' fields, the agent will execute the injected commands with the user's privileges.
- [COMMAND_EXECUTION]: The skill executes a Ruby script ('prepare_audio_script.rb') using paths and filenames that may be influenced by external input.
- Evidence: 'ruby .claude/skills/transcribe-audio/prepare_audio_script.rb libraries/[library-name]/transcripts/video_name.json ...' in 'SKILL.md' (Step 3).
- Risk: Placeholders like '[library-name]' are not explicitly sanitized, creating a secondary vector for command injection if the environment variables or filenames are attacker-controlled.
Recommendations
- AI detected serious security threats
Audit Metadata