voice-ai-development
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and integrates with several well-known and trusted AI service providers including OpenAI (Realtime API), Deepgram (STT), ElevenLabs (TTS), and Vapi (voice orchestration). These integrations use standard SDKs and are documented neutrally for their intended purpose within the voice AI development context.
- [PROMPT_INJECTION]: The skill is designed to handle untrusted user data via real-time audio and text streaming. This represents an indirect prompt injection surface typical for voice agents. However, the examples lack any dangerous capabilities, such as file system modification or arbitrary shell execution, which significantly limits the potential for harm.
- [COMMAND_EXECUTION]: Code snippets demonstrate the use of standard libraries like
websockets,asyncio, andflaskfor communication and application flow. No evidence of unauthorized or dangerous system command execution was found.
Audit Metadata