Skills
skills/sickn33/antigravity-awesome-skills/azure-speech-to-text-rest-py/Gen Agent Trust Hub

azure-speech-to-text-rest-py

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads local audio files to perform transcription services via external APIs.
  • Evidence: Uses open(audio_file_path, "rb") and transmits the data to remote endpoints.
  • Context: Transmission is directed to official Microsoft Azure subdomains (*.stt.speech.microsoft.com), which is an expected behavior for the skill's purpose.
  • [EXTERNAL_DOWNLOADS]: Recommends and utilizes standard Python libraries for network operations.
  • Evidence: Instructions include pip install requests and the implementation uses aiohttp for asynchronous requests.
  • [PROMPT_INJECTION]: The skill ingests and processes audio data which is then transcribed into text, creating a surface for indirect prompt injection.
  • Ingestion points: Input audio files via audio_file_path parameter in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded content are present in the code snippets.
  • Capability inventory: Network communication (requests.post, aiohttp.ClientSession.post) and file system access (open) within SKILL.md.
  • Sanitization: No sanitization, validation, or filtering of the transcribed text is performed before it is returned to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 07:14 AM