openai-whisper
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration specifies the installation of the openai-whisper package using the Homebrew package manager.- [PROMPT_INJECTION]: The skill processes untrusted audio data which can lead to indirect prompt injection.
- Ingestion points: Audio files (e.g., .mp3, .m4a) processed by the whisper command.
- Boundary markers: None specified; transcriptions are processed as raw text output.
- Capability inventory: Execution of the whisper CLI tool for transcription and translation.
- Sanitization: No evidence of sanitization or filtering of transcribed text before it is returned to the agent context.
Audit Metadata