author-profile
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a shell command to execute a local script (
voice-extractor.ts) via thebunruntime for analyzing transcript files. - Evidence: Found in the
Option 2: Extract from Transcriptssection ofSKILL.md. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted text from transcripts to define and influence the agent's writing persona and output style.
- Ingestion points: The skill reads external data from
transcripts/*.txt(SKILL.md). - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within transcripts are present.
- Capability inventory: The skill utilizes shell execution and processes files to determine writing characteristics (SKILL.md).
- Sanitization: There is no evidence of sanitization or content validation for transcript data before it is used to guide the agent's behavior.
Audit Metadata