assemblyai-transcribe
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides and executes a local Node.js script (assemblyai.mjs) to manage the transcription workflow and API interactions.
- [EXTERNAL_DOWNLOADS]: Communicates with AssemblyAI official endpoints (api.assemblyai.com) to upload media files and retrieve transcription results.
- [DATA_EXFILTRATION]: Accesses the local filesystem to read media files for upload and allows writing transcription output to arbitrary local paths via the --out flag.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill ingests untrusted transcription content from external sources which could contain instructions intended to influence the agent.
- Ingestion points: Transcription text is retrieved from the AssemblyAI API in assemblyai.mjs via the get, wait, and transcribe commands.
- Boundary markers: Absent. The skill instructions do not provide delimiters or warnings to the agent to treat transcription output as untrusted data.
- Capability inventory: The script has the capability to read local files (transcribe, --config) and write to local files (--out).
- Sanitization: Absent. Data returned from the transcription service is handled as raw text or JSON without filtering.
Audit Metadata