sherpa-onnx-tts
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches pre-compiled executable binaries and voice models from the official GitHub releases of the k2-fsa/sherpa-onnx project repository.
- [COMMAND_EXECUTION]: Executes the local 'sherpa-onnx-offline-tts' binary using the 'spawnSync' method to process text into audio files.
- [COMMAND_EXECUTION]: Dynamically modifies environment variables such as 'LD_LIBRARY_PATH', 'DYLD_LIBRARY_PATH', and 'PATH' at runtime to ensure the runtime's shared libraries are correctly resolved by the operating system.
- [PROMPT_INJECTION]: The skill ingests untrusted text data and passes it to the synthesis engine, creating a surface for indirect prompt injection.
  - Ingestion points: The main text argument passed to the 'sherpa-onnx-tts' script (bin/sherpa-onnx-tts).
  - Boundary markers: Absent; the input text is not wrapped in delimiters or accompanied by instructions to ignore embedded commands.
  - Capability inventory: The skill can spawn subprocesses ('spawnSync') and interact with the file system ('fs.mkdirSync', 'fs.readdirSync').
  - Sanitization: No evidence of validation or filtering of the input text before it is passed to the synthesis binary.
Audit Metadata