axiom-ios-ml-speech

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
[PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface in the 'Integration with Apple Intelligence' section.
      • Ingestion points: The 'transcript' string, which contains untrusted content from speech-to-text operations, is directly interpolated into a language model prompt in SKILL.md.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are present in the prompt template used for title generation.
      • Capability inventory: The skill demonstrates passing transcription data to a 'LanguageModelSession' (found in the 'Integration' section) for further processing, which is an exploitable capability.
      • Sanitization: No escaping, validation, or filtering is performed on the transcribed text before it is used in the prompt.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 11:54 AM