skills/cklxx/elephant.ai/audio-tts/Gen Agent Trust Hub

audio-tts

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the subprocess.run function in run.py to call macOS system tools say and afconvert. The implementation uses a list of arguments rather than a shell string, which effectively prevents shell command injection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user data via the text parameter without sanitization or boundary markers. However, the impact is minimal as the data is only used for audio generation and does not influence agent logic.
      • Ingestion points: The text and voice parameters in the speak function in run.py receive input that may originate from untrusted sources.
      • Boundary markers: None present; the input is interpolated directly into the command arguments.
      • Capability inventory: The skill can execute say and afconvert commands and write files to the local file system (using the output parameter) via subprocess.run and Path.mkdir in run.py.
      • Sanitization: The input text is stripped but otherwise unsanitized before being passed to the say utility.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 02:52 PM