openai-whisper
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata specifies installing the 'openai-whisper' package via the Homebrew package manager, and the tool automatically downloads pre-trained models from OpenAI to the local cache directory.
- [COMMAND_EXECUTION]: The skill is designed to invoke the 'whisper' command-line interface to perform audio processing and transcription tasks.
- [PROMPT_INJECTION]: The skill ingests and transcribes external audio data, creating an attack surface for indirect prompt injection.
  1. Ingestion points: External audio files like .mp3 and .m4a (SKILL.md).
  2. Boundary markers: No delimiters are present to distinguish transcribed content from agent instructions.
  3. Capability inventory: Execution of local system commands via the whisper binary (SKILL.md).
  4. Sanitization: No content validation or filtering is applied to the transcribed output.
Audit Metadata