alicloud-ai-audio-tts-realtime
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided 'text' and 'instruction' parameters which are passed directly to the TTS model. This presents an indirect prompt injection surface where malicious instructions in external data could attempt to influence the synthesized output.
  * Ingestion points: 'text' and 'instruction' arguments in 'scripts/realtime_tts_demo.py'.
  * Boundary markers: None present.
  * Capability inventory: Network access for API calls and audio downloads, and file writing to the output directory in 'scripts/realtime_tts_demo.py'.
  * Sanitization: No input sanitization or validation is performed on the synthesis text or instructions.
- [DATA_EXFILTRATION]: The script 'scripts/realtime_tts_demo.py' reads credentials from the sensitive file path '~/.alibabacloud/credentials'. This is standard and expected behavior for the Alibaba Cloud provider to authenticate API requests.
- [EXTERNAL_DOWNLOADS]: The skill requires the 'dashscope' library, which is the official SDK for Alibaba Cloud's Model Studio, and downloads generated audio files from the service's API endpoints via 'urllib.request'.
- [COMMAND_EXECUTION]: The skill documentation provides shell commands for environment setup, dependency installation using pip, and executing the local demo script for synthesis verification and health checks.
Audit Metadata