Skills
skills/skillssh/skills/speech-to-text/Gen Agent Trust Hub

speech-to-text

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an installation script for the infsh CLI hosted on the vendor's official GitHub repository.
  • [COMMAND_EXECUTION]: The skill utilizes the infsh command-line tool to perform audio transcription, translation, and media processing tasks.
  • [PROMPT_INJECTION]: The skill processes data from external media URLs, which serves as a surface for indirect prompt injection if the transcribed content contains spoken instructions intended to influence the agent.
  • Ingestion points: Media URLs (audio_url, video_url) passed to the transcription models in SKILL.md.
  • Boundary markers: No delimiters or instructions are used to separate transcribed text from other agent context.
  • Capability inventory: The skill has the ability to execute shell commands via the infsh CLI.
  • Sanitization: There is no evidence of sanitization or filtering of the transcribed text before it is returned to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 07:30 PM