openai-whisper-api

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs its documented function using legitimate API interactions and does not contain any malicious patterns or safety guideline bypasses.
  • [COMMAND_EXECUTION]: The bash script uses the curl binary to perform HTTP requests to the transcription endpoint.
  • [EXTERNAL_DOWNLOADS]: Communicates with the official OpenAI API at api.openai.com to send audio data and receive transcriptions.
  • [DATA_EXFILTRATION]: Transmits user-specified audio files to OpenAI's servers. This is considered safe as it is the primary intended function of the skill and targets a well-known, trusted service provider.
  • [CREDENTIALS_UNSAFE]: Utilizes an OPENAI_API_KEY for authentication. The skill correctly instructs the user to provide this via environment variables or a configuration file rather than hardcoding credentials.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by processing external audio data and accepting user-provided prompts. Evidence chain: 1. Ingestion points: audio file and --prompt argument in scripts/transcribe.sh; 2. Boundary markers: None; 3. Capability inventory: curl network request and local file writing; 4. Sanitization: None. This is documented as a baseline surface risk for transcription-related skills.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 04:20 PM