fish-audio
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override system behavior or bypass safety constraints.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local files or transmit data to unauthorized external domains. Communication is restricted to the Refly platform API.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill ingests untrusted text via the
input_textfield inSKILL.md. - Boundary markers: Absent; the text is passed directly to the generation workflow.
- Capability inventory: The skill has the capability to write files to the user's Desktop and open them using the
reflyCLI. - Sanitization: None detected.
- Assessment: Since the output is restricted to media file generation (audio), the risk of the input text influencing the agent's logic or bypassing security controls is negligible.
- [Persistence & Privilege Escalation] (SAFE): No attempts to modify system configurations, shell profiles, or acquire elevated privileges were detected.
Audit Metadata