daily
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as a documentation reference for the Pipecat framework. It contains architectural diagrams and code snippets for integrating various AI services such as LLMs, TTS, and STT, and handling real-time audio/video transport. No malicious commands, obfuscation, or data exfiltration attempts were found.
- [PROMPT_INJECTION]: The skill describes an architecture designed to ingest and process untrusted external data (voice and video) which is then passed to LLMs with tool-calling capabilities. This represents a standard attack surface for indirect prompt injection common in multimodal agent frameworks.
  * Ingestion points: `transport.input()` and `stt` (speech-to-text) processors defined in the pipeline architecture in SKILL.md.
  * Boundary markers: No explicit boundary markers or 'ignore' instructions are demonstrated in the code snippets.
  * Capability inventory: Supports high-privilege actions including function calling via `llm.register_function` and external API integration.
  * Sanitization: No specific input sanitization or filtering logic is demonstrated in the provided code examples.
Audit Metadata