assemblyai-streaming
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted audio data which is converted to text transcripts. If these transcripts are subsequently fed into an LLM, an attacker could potentially influence the agent's behavior via spoken instructions.
  - Ingestion points: `audio_gen()` in Python recipe and WebSocket stream in `SKILL.md`.
  - Boundary markers: Absent in the provided code snippets.
  - Capability inventory: The skill is granted `Bash` and `Python` execution tools, creating a high-impact target for successful injection.
  - Sanitization: No sanitization or filtering of transcribed text is implemented or recommended in the provided recipes.
- CREDENTIALS_UNSAFE (SAFE): The skill correctly identifies API keys as sensitive data and explicitly directs the user to use environment variables (`ASSEMBLYAI_API_KEY`) or short-lived tokens instead of hardcoding credentials.
- EXTERNAL_DOWNLOADS (SAFE): The recommended libraries (`assemblyai` and `pyaudio`) are standard and necessary for the skill's stated purpose of audio processing and API interaction.
Audit Metadata