audio-understanding
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructions use
npx -y superconductor-gemini-skillsto download and execute an external package. This package is not from a trusted organization or repository listed in the security guidelines. - REMOTE_CODE_EXECUTION (MEDIUM): The use of
npx -yallows for the execution of remote code at runtime. Without specific version pinning or source verification, this presents a supply chain risk. - COMMAND_EXECUTION (LOW): The skill executes shell scripts (
gemini.sh) and system commands (npx) to facilitate audio processing. While necessary for the skill's function, it increases the attack surface. - PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection via transcribed audio content.
- Ingestion points: Local audio files and YouTube URLs processed via the
--fileargument. - Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands in the transcribed text.
- Capability inventory: The skill executes shell commands and interacts with the Gemini API to process and summarize data.
- Sanitization: None; the skill transcribes and directly processes external content without validation or escaping.
Audit Metadata