sag
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'sag' utility from the author's official Homebrew tap (steipete/tap/sag). As this is a vendor-owned resource, it is considered safe for the intended functionality.
- [COMMAND_EXECUTION]: The skill utilizes shell commands to execute the 'sag' binary for generating audio files and listing available voices.
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface where user-provided text is passed to the command line for speech synthesis. 1. Ingestion points: User message strings intended for speech (SKILL.md). 2. Boundary markers: Double quotes are used around the message argument in the provided bash examples, though no explicit delimiters are mandated. 3. Capability inventory: Execution of the 'sag' binary via shell command (SKILL.md). 4. Sanitization: No specific character escaping or sanitization logic is provided in the skill instructions. This surface is expected for a text-to-speech utility.
Audit Metadata