Skills
skills/erichowens/some_claude_skills/speech-pathology-ai/Gen Agent Trust Hub

speech-pathology-ai

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses torch.load() in references/ai-models.md for model loading, which is a potential vector for arbitrary code execution through pickle deserialization if model files are tampered with.
  • [EXTERNAL_DOWNLOADS]: Pre-trained models are downloaded from Hugging Face Hub, including trusted sources like Facebook and unverified individual accounts.
  • [PROMPT_INJECTION]: There is an attack surface for indirect prompt injection due to the ingestion of external web content via WebFetch and Firecrawl tools combined with Bash access. Ingestion points: mcp__firecrawl__firecrawl_search, WebFetch; Boundary markers: none; Capability inventory: Bash, Write, Edit; Sanitization: none.
  • [COMMAND_EXECUTION]: Requests Bash tool permissions for Python-based audio processing library management.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 02:27 PM