deepgram-js-speech-to-text
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing additional tooling via 'npx skills add deepgram/skills'. This command points to the vendor's official skill repository and is a standard way to extend functionality within this ecosystem.- [CREDENTIALS_UNSAFE]: The documentation provides secure guidance for authentication by instructing the user to store the API key in a '.env' file and access it via environment variables rather than hardcoding it into the scripts.- [COMMAND_EXECUTION]: Includes standard shell commands for managing dependencies and running examples, which are consistent with the intended use of a developer-focused SDK skill.- [DATA_EXFILTRATION]: The skill describes the transmission of audio data to Deepgram's API endpoints ('/v1/listen') for transcription, which is the core functionality and intended purpose of the Speech-to-Text service.
Audit Metadata