The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill performs dynamic package installation at runtime to ensure the availability of dependencies.
Evidence: The script scripts/tts.py includes logic in the ensure_noiz_ready function to install the requests library via uv pip install if it is not detected in the environment.
[EXTERNAL_DOWNLOADS]: The skill fetches audio resources from the internet for voice cloning and synthesis.
Evidence: scripts/tts.py and scripts/render_timeline.py download audio files from trusted vendor domains (noiz.ai, storage.googleapis.com) and user-provided URLs using urllib.request and requests.
[COMMAND_EXECUTION]: The skill relies on external command-line utilities for audio manipulation and immediate playback.
Evidence: Subprocess calls are used to execute ffmpeg, ffprobe, kokoro-tts, and system audio players such as afplay or aplay across several scripts (scripts/tts.py, scripts/render_timeline.py).
[CREDENTIALS_UNSAFE]: The skill manages service authentication by storing an API key on the local filesystem.
Evidence: In scripts/tts.py, the save_api_key function writes the Noiz API key to ~/.noiz_api_key in plaintext. While it attempts to secure the file using 0600 permissions, storing secrets unencrypted in the home directory is a risk factor.
[PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection as it processes untrusted input data.
Ingestion points: The skill reads and processes user-provided text input and SRT files in scripts/tts.py and scripts/text_to_srt.py.
Boundary markers: Not implemented to delimit untrusted content.
Capability inventory: Network access for downloads, file system manipulation for saving audio, and command execution (ffmpeg).
Sanitization: No content filtering or validation is performed on the ingested text before it is passed to the TTS engines or used in processing workflows.

tts