transcribe
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to run a shell command (transcribe) with file path arguments. This introduces a risk of command injection if the filename or path is malicious and the underlying bash wrapper does not properly sanitize inputs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It processes untrusted audio data and instructs the agent to include the output transcription in its response, which could allow an attacker to embed instructions in audio files.
- Ingestion points: External audio files provided as input to the agent.
- Boundary markers: Absent. The agent is not instructed to use specific delimiters for the transcribed text.
- Capability inventory: Subprocess execution of the transcribe CLI tool.
- Sanitization: Absent. No verification or sanitization of the transcribed text is performed.
- [NO_CODE]: The skill description refers to external scripts (install.sh and transcribe) that are not included in the provided file. This prevents a complete audit of the installation process, which might include unverified downloads or insecure command handling.
Audit Metadata