voice-ai
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical reference and template for integrating voice-processing services. It contains no malicious intent or harmful instructions.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys or secrets were found. The skill follows the security best practice of retrieving sensitive credentials from environment variables (e.g., DEEPGRAM_API_KEY, GROQ_API_KEY, CARTESIA_API_KEY).
- [EXTERNAL_DOWNLOADS]: The skill references standard Python libraries (deepgram-sdk, groq, cartesia, twilio, fastapi, httpx) from official package registries. These are necessary and appropriate for the skill's stated purpose.
- [DATA_EXFILTRATION]: No unauthorized data transmission patterns were identified. Network operations are limited to established communication with the specified voice and AI service providers.
- [PROMPT_INJECTION]: While the skill is designed to process untrusted user audio input, it includes explicit, "non-negotiable" guardrails and prompt engineering templates to prevent manipulation of the agent's behavior. These measures include strict rules on information disclosure and automated escalation triggers for human intervention.
Audit Metadata