gemini-audio
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by interpolating user-provided text arguments directly into the prompts sent to the Google Gemini API. This occurs in the analyze.py, transcribe.py, and generate-speech.py scripts. Ingestion points: CLI arguments for prompts and text, and the content of uploaded audio files. Boundary markers: The scripts do not use explicit delimiters or instructions to isolate user input. Capability inventory: The skill can read local audio files, write results to the filesystem, and communicate with the Google Gemini API. Sanitization: No sanitization is implemented in the executable scripts before user input is sent to the model.
- [EXTERNAL_DOWNLOADS]: The skill requires the google-genai Python package and mentions @google/generative-ai for JavaScript; both are recognized as official and trusted libraries from Google.
- [COMMAND_EXECUTION]: The skill includes several Python scripts designed for local execution to perform its core audio processing and file management functions using the official SDK.
Audit Metadata