speech-pathology-ai

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires access to the Bash tool to install standard Python dependencies such as librosa, torch, and transformers for its core speech analysis functionality.
  • [EXTERNAL_DOWNLOADS]: The skill fetches pre-trained speech models from Hugging Face, a well-known AI model repository (e.g., facebook/wav2vec2-xls-r-300m).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its data ingestion pipeline.
    • Ingestion points: Processes external audio chunks and their resulting transcriptions in references/mellifluo-platform.md and references/ai-models.md.
    • Boundary markers: No explicit delimiters or specific instructions to ignore embedded commands are present in the processing logic.
    • Capability inventory: The agent is granted Bash, Write, and Edit tool permissions, which could be abused if malicious instructions are successfully injected via transcription.
    • Sanitization: There is no evidence of transcription content validation or sanitization before it is used to generate feedback or determine next steps.
  • [REMOTE_CODE_EXECUTION]: The RealTimePERCEPTR class in references/ai-models.md uses torch.load(model_path), which relies on the pickle module for deserialization. This is a known security risk that can allow arbitrary code execution if a malicious model file is loaded.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 08:37 PM