Skills
skills/soul-brews-studio/oracle-skills-cli/speak/Gen Agent Trust Hub

speak

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/speak.ts executes system utilities including edge-tts, say, and afplay. The code uses Bun.spawn with argument arrays, which is a secure implementation that mitigates shell injection risks by avoiding direct shell execution of user-supplied strings.
  • [EXTERNAL_DOWNLOADS]: The skill relies on the edge-tts Python package. This is a well-known and standard tool for accessing Microsoft's neural text-to-speech services and is considered a safe dependency.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests and processes text from the agent that may originate from untrusted external sources. \n
  • Ingestion points: The text variable in scripts/speak.ts populated via command-line arguments. \n
  • Boundary markers: None. \n
  • Capability inventory: The script spawns subprocesses for speech synthesis and audio playback via Bun.spawn. \n
  • Sanitization: No validation or escaping is performed on the input text before it is passed to the TTS engines.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 12:56 AM