text-to-speech
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires standard packages including the 'edge-tts' Python package and Node.js packages '@modelcontextprotocol/sdk', 'ws', and 'fs-extra'. These are reputable libraries for the described speech synthesis and MCP server tasks.
- [DATA_EXFILTRATION]: Text content is sent to the Microsoft Edge TTS endpoint at 'speech.platform.bing.com' for audio generation. This is a well-known service from a trusted provider and the data transmission is necessary for the skill's primary function.
- [PROMPT_INJECTION]: The skill processes untrusted documents and includes features to summarize them via an LLM, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: Active VS Code editor text and markdown documents provided by the user.
- Boundary markers: No specific boundary markers or 'ignore embedded instructions' warnings are documented for the summarization or synthesis prompts.
- Capability inventory: The skill can read local files, establish network WebSocket connections, write audio files to the disk, and interact with the VS Code Language Model API.
- Sanitization: While the skill strips markdown formatting for auditory clarity, it does not mention content validation or sanitization to prevent the execution of instructions embedded in the documents.
Audit Metadata