deepgram-observability

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection: it transcribes audio fetched from external URLs and returns the transcript text directly into the agent context, so anyone who controls or can influence that audio can place instructions in front of the agent. Ingestion point: external audio content processed via the transcribeUrl method in references/implementation.md. Boundary markers: absent; transcription results are returned to the agent without delimiters and without an instruction to treat embedded commands as data. Capability inventory: the skill's allowed-tools configuration grants kubectl, curl, Write and Edit. Sanitization: none; the transcription output is neither filtered nor flagged before the agent processes it.
  • [COMMAND_EXECUTION]: The skill's allowed-tools configuration includes the powerful CLI tools kubectl and curl alongside the Write and Edit tools. No specific malicious commands were found in the provided implementation snippets; the finding concerns blast radius. A transcript-embedded instruction that the agent follows could translate into cluster changes (kubectl), outbound requests (curl) or file modifications (Write, Edit), so these tools raise the impact of a successful prompt injection rather than its likelihood.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 05:00 PM