transcribe
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs Python packages via pip (mlx, mlx_whisper, torch, torchaudio, numpy, scipy, anthropic) and tools via Homebrew (ffmpeg). It also downloads Whisper models from HuggingFace repositories (aalst/nb-whisper-large-distil-turbo-beta-mlx and mlx-community/whisper-large-v3-turbo).
- [COMMAND_EXECUTION]: The skill executes various shell commands for setup and operation, including ffmpeg for audio processing and python3 to run the pipeline script.
- [CREDENTIALS_UNSAFE]: The pipeline manages an ANTHROPIC_API_KEY and suggests storing it in a plaintext .env file within the ~/.config/transcribe/ directory.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). Malicious instructions embedded within processed audio files could influence the LLM correction stage.
  - Ingestion points: Audio files.
  - Boundary markers: LLM system prompt instructions.
  - Capability inventory: Bash, Write, Read, Edit.
  - Sanitization: The system prompt instructs the model to only fix errors and return corrected text.
Audit Metadata