sag

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the sag binary via a third-party Homebrew tap (steipete/tap/sag).
  • [COMMAND_EXECUTION]: The skill instructs the agent to run the sag command-line tool to perform text-to-speech and generate audio files in /tmp/.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing user-controlled text directly into shell commands for speech generation.
    • Ingestion points: User-provided text for voice replies as described in the Chat voice responses section of SKILL.md.
    • Boundary markers: The skill suggests wrapping the user message in double quotes within the shell command.
    • Capability inventory: Local shell command execution using the sag CLI tool.
    • Sanitization: There is no explicit sanitization or escaping of shell meta-characters within the provided instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 12:13 AM