openai-whisper-api
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits audio data and the user's API key to OpenAI's official endpoint (api.openai.com). This is the core functionality of the skill and targets a well-known service.
- [COMMAND_EXECUTION]: The script 'transcribe.sh' executes shell commands including 'mkdir' and 'curl'. It employs proper variable quoting to mitigate standard shell injection risks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external audio files whose transcripts could contain malicious instructions for downstream agents. Evidence Chain:
  1. Ingestion points: Input audio file and '--prompt' argument in transcribe.sh.
  2. Boundary markers: Absent.
  3. Capability inventory: Network communication via curl and file system write access.
  4. Sanitization: None.
Audit Metadata