Skills
skills/iopho-team/iopho-skills/iopho-voiceover-tts/Gen Agent Trust Hub

iopho-voiceover-tts

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands for audio processing and dependency management using ffmpeg, python3, and pip. This is consistent with its stated purpose of audio generation and assembly.
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the edge-tts package and references official APIs for ElevenLabs and MiniMax. These are well-known and legitimate resources.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its ability to ingest and process text from external files.
  • Ingestion points: The generate mode reads text from files such as vo-script.md, JSON cues, and storyboard files (SKILL.md).
  • Boundary markers: The instructions do not define delimiters or warnings to ignore instructions embedded in these files.
  • Capability inventory: The skill has access to shell tools (ffmpeg, python3) and file writing capabilities.
  • Sanitization: There is no evidence of sanitization or validation of the text content extracted from external sources before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 04:33 AM