audio-transcribe
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The instructions in SKILL.md utilize shell commands ('ls -la' and 'uv run') that incorporate the '$INPUT_FILE' variable. This creates a surface for command injection if a user provides a file path containing shell metacharacters and the agent environment lacks proper sanitization.
- [EXTERNAL_DOWNLOADS] (LOW): The transcribe.py script depends on the whisperx library, which downloads AI models from Hugging Face at runtime. Although Hugging Face is a trusted organization, these constitute external network dependencies. Per [TRUST-SCOPE-RULE], this is classified as LOW.
- [PROMPT_INJECTION] (LOW): The skill processes untrusted media content and displays a transcription preview, creating an indirect prompt injection surface where the transcript could influence agent behavior.
  - Ingestion points: User-provided audio/video files processed by transcribe.py.
  - Boundary markers: Absent; the transcription content is displayed directly without delimiters or warnings.
  - Capability inventory: Shell execution (ls, uv run) and file write operations (transcribe.py).
  - Sanitization: Absent.
Audit Metadata