sag
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the "sag" binary from a third-party Homebrew repository (steipete/tap/sag).
- [COMMAND_EXECUTION]: The skill executes the "sag" command-line utility to generate audio files from text strings.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface where user-provided text is passed to the "sag" utility. 1. Ingestion points: message strings used in the "sag" command (SKILL.md). 2. Boundary markers: None present. 3. Capability inventory: execution of the "sag" CLI and writing output to the "/tmp" directory. 4. Sanitization: No explicit input validation or escaping is described.
Audit Metadata