skills/hyperpuncher/dotagents/chough/Gen Agent Trust Hub

chough

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill performs downloads from the author's official repositories (github.com/hyperpuncher) during installation and initial setup. This includes the 'chough' binary and a machine learning model (approximately 650MB) required for speech-to-text processing.
  • [COMMAND_EXECUTION]: The skill operates by executing the 'chough' CLI tool to handle transcription, subtitle generation, and audio extraction from video files.
  • [DATA_EXFILTRATION]: The skill features a remote processing mode that transmits audio or video data to an external endpoint. This behavior is triggered by the '--remote' flag and targets a server specified by the user via the 'CHOUGH_URL' environment variable.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes external media files and converts their content into text for the agent. This could allow spoken instructions within the media to influence the agent's downstream tasks.
      1. Ingestion points: Audio and video files (e.g., mp3, mp4) processed by the skill in SKILL.md.
      2. Boundary markers: None identified; the transcribed text is output directly as strings, JSON, or VTT.
      3. Capability inventory: Execution of the 'chough' CLI tool for transcription and media processing.
      4. Sanitization: No sanitization or filtering of the transcribed text is indicated in the provided documentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 07:50 PM