asr
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes transcription text produced from user-provided audio files in Step 4. This creates a surface for indirect prompt injection where malicious instructions embedded in the audio could be interpreted by the agent during the text-refining (polishing) phase. Ingestion points: Transcribed audio text from Step 3. Boundary markers: None (text is processed directly without delimiters). Capability inventory: Writing transcription files to the current working directory in Step 6. Sanitization: None detected.
- [COMMAND_EXECUTION]: The skill executes local commands such as 'which', 'ls', and the 'coli' CLI tool to perform environment checks and transcription tasks. This is the intended primary purpose and uses the author's own CLI tool.
- [EXTERNAL_DOWNLOADS]: The skill suggests installing the '@marswave/coli' Node.js package and mentions that speech recognition models are downloaded during operation. These resources belong to the vendor's own infrastructure and are documented neutrally.
Audit Metadata