deepgram-security-basics
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive security guidelines and implementation examples for Deepgram integrations.
- [DATA_EXPOSURE_&_EXFILTRATION]: No hardcoded credentials or unauthorized data exfiltration patterns found. The skill actively promotes using environment variables and secret managers (AWS/GCP) for API keys.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unverified external scripts detected. The skill uses official SDKs for Deepgram and cloud providers.
- [INDIRECT_PROMPT_INJECTION]: While the skill involves processing external data (audio URLs), it provides robust mitigation strategies:
  - Ingestion points: Untrusted URLs provided by users in SKILL.md Step 5.
  - Boundary markers: Not applicable as the skill focuses on backend implementation rather than agent prompt construction.
  - Capability inventory: Performs network requests to Deepgram API via official SDK.
  - Sanitization: Includes explicit SSRF prevention logic (validateAudioUrl) and PII redaction settings (redact: ['pci', 'ssn', 'numbers']).
Audit Metadata