skills/llblab/skills/voice-mode/Gen Agent Trust Hub

voice-mode

Fail

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The dependency management script scripts/_install-deps utilizes sudo apt-get install to install system-level audio packages. This requires the user to provide administrative privileges for the skill to function on Linux systems.
  • [COMMAND_EXECUTION]: Core functionality relies on the execution of multiple external binaries and shell scripts for audio playback, recording, and server management, including piper, aplay, sox, and listen-server.
  • [EXTERNAL_DOWNLOADS]: The skill automatically fetches external resources from well-known services: voice models are downloaded from Hugging Face via curl, and Python dependencies are installed from PyPI using pip at both bootstrap and runtime.
  • [PROMPT_INJECTION]: The skill's duplex mode creates an indirect prompt injection surface by processing live audio into agent input.
      • Ingestion points: Transcription of microphone input via scripts/listen.
      • Boundary markers: Absent from the instructions provided to the agent regarding the handling of transcribed text.
      • Capability inventory: Subprocess execution (audio tools, installers), file writing, and network operations (downloads).
      • Sanitization: Not present; the skill only normalizes text for identifying stop phrases.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 14, 2026, 01:26 AM