creator
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell-based tools including
curlfor API interaction,jqfor JSON processing, and the vendor-specific CLIcolifor audio transcription. - [EXTERNAL_DOWNLOADS]: Fetches user-provided media files and web content for processing. Downloads are restricted to temporary directories and occur only after input classification.
- [DATA_EXFILTRATION]: Transmits user-provided content (URLs, text, and media) to the vendor's processing infrastructure at
api.marswave.ai. This is documented as the primary function of the skill and does not involve access to sensitive system files or credentials. - [INDIRECT_PROMPT_INJECTION]: As a content processing tool, the skill possesses an attack surface for indirect prompt injection via user-provided materials and style references.
- Ingestion points: Processes external URLs and user-supplied text during content extraction and style learning phases.
- Boundary markers: Relies on the agent's internal instruction adherence; no explicit delimiters or 'ignore' instructions are visible in the high-level orchestration scripts.
- Capability inventory: Includes file system writes, network requests via
curl, and execution of thecolitranscription tool. - Sanitization: No explicit sanitization of extracted material is performed before it is used to generate content.
Audit Metadata