Skills
skills/inferen-sh/skills/speech-to-text/Gen Agent Trust Hub

speech-to-text

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the 'infsh' CLI and references external skill packages from the vendor's GitHub repository ('inference-sh/skills'). These are vendor-provided resources necessary for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill relies on executing the 'infsh' command-line interface via Bash to perform transcription and translation tasks, which requires the agent to have shell execution permissions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through processed audio data. Transcribed text is returned to the agent without sanitization or boundary markers.
  • Ingestion points: Transcription results from 'infsh app run' in SKILL.md.
  • Boundary markers: Absent; transcriptions are processed as raw text.
  • Capability inventory: Shell access for the 'infsh' CLI and Bash.
  • Sanitization: Absent; no validation or escaping of the transcription output.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 10:02 PM