long-audio-transcript-processor

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local script (setup_workspace.py) to create a directory structure and copy source files. This is limited to local file system management for the purpose of organizing the transcript processing workspace.
  • [PROMPT_INJECTION]: The skill processes untrusted transcript data, which presents a surface for indirect prompt injection.
    • Ingestion points: Raw text files in the 1-厑始文件/ folder and user-provided notes in 2-要求和信息/.
    • Boundary markers: No explicit boundary markers or 'ignore' instructions are used, although the skill's instructions guide the agent to a specific proofreading task.
    • Capability inventory: The agent has file read/write access and can execute shell commands for workspace management.
    • Sanitization: No input sanitization is performed on the ingested transcripts or background info.
  • [SAFE]: No external network connections, data exfiltration patterns, or attempts to access sensitive system credentials (e.g., .ssh or .env files) were detected. The skill's behavior and the provided Python script are consistent with its stated purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 08:53 AM