alicloud-ai-audio-cosyvoice-voice-clone

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface.
  • Ingestion points: The voice_sample_url parameter in SKILL.md and scripts/prepare_cosyvoice_clone_request.py accepts external audio URLs.
  • Boundary markers: Absent.
  • Capability inventory: The skill has local file-writing and script execution capabilities.
  • Sanitization: Only basic character constraints for the prefix field are documented, but no strict validation is implemented in the script.
  • [DATA_EXFILTRATION]: Local file path manipulation. The script scripts/prepare_cosyvoice_clone_request.py performs file read operations via Path.read_text() for the --validate-response argument and write operations for the --output argument. This could be exploited to read sensitive local files or overwrite data if an agent is successfully manipulated into using unauthorized system paths.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 03:28 AM