Skills
skills/bholmesdev/skills/transcribe/Gen Agent Trust Hub

transcribe

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to run the whisper transcription tool and the macOS open utility. User-supplied file paths are properly quoted in the bash script to prevent command injection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes transcribed text from external media files and instructs the agent to review and 'clean up' the content.
  • Ingestion points: Transcribed text generated by the whisper command in SKILL.md.
  • Boundary markers: None; the agent reviews the transcript without specific delimiters or instructions to ignore embedded commands.
  • Capability inventory: Shell command execution for transcription and file discovery in SKILL.md.
  • Sanitization: None; the raw transcript output is processed directly by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 01:49 PM