voice-extractor
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by ingesting untrusted writing samples.
- Ingestion points: Writing samples (emails, Slack, transcripts) are loaded from user input in SKILL.md.
- Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the samples.
- Capability inventory: No scripts or dangerous capabilities such as file access, network operations, or code execution were detected in the skill file.
- Sanitization: There is no evidence of sanitization or validation of the input samples before they are processed by the agent.
- [NO_CODE]: The skill consists entirely of markdown instructions and does not include any scripts, binaries, or package dependencies.
Audit Metadata