voice-extractor
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local script
voice-extractor.tsusing thebunruntime to perform transcript analysis. This is the core functionality and uses a path relative to the plugin root. - [PROMPT_INJECTION]: The skill processes untrusted text data from transcripts (e.g., WhatsApp, YouTube auto-captions), which introduces a surface for indirect prompt injection.\n
- Ingestion points: Files like
transcript.txtare passed to thevoice-extractor.tsscript.\n - Boundary markers: The workflow does not include instructions to wrap external content in delimiters or use 'ignore' directives.\n
- Capability inventory: The skill allows the agent to execute shell commands and update author profile metadata.\n
- Sanitization: Sanitization logic is unknown as the
voice-extractor.tsscript was not provided in the analyzed content.
Audit Metadata