transcribe
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes a Python script within a defined conda environment (research-assistant) to process audio files. This is the intended behavior and is restricted to local execution.
- [CREDENTIALS_UNSAFE] (SAFE): The skill references the use of HF_TOKEN for speaker diarization but correctly instructs users to store it in a .env file. No hardcoded credentials or secrets were found in the provided files.
- [EXTERNAL_DOWNLOADS] (SAFE): The tool relies on downloading models from HuggingFace and OpenAI. These are trusted sources in the machine learning ecosystem.
- [DATA_EXFILTRATION] (SAFE): No evidence of unauthorized data transmission. The network activity is limited to downloading model weights and legitimate API authentication with HuggingFace.
- [PROMPT_INJECTION] (LOW): Represents an indirect prompt injection surface (Category 8). Malicious audio content (e.g., a person speaking 'Ignore all previous instructions') could be transcribed and potentially influence downstream agents like a summarizer.
  - Ingestion points: Audio files in .research/meetings/audio/.
  - Boundary markers: None explicitly mentioned in the transcription output.
  - Capability inventory: Shell command execution for transcription; file writing to .research/meetings/transcripts/.
  - Sanitization: No transcript sanitization mentioned.
Audit Metadata