Skills
skills/vanman2024/ai-dev-marketplace/stt-integration/Gen Agent Trust Hub

stt-integration

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The script scripts/batch-transcribe.sh is vulnerable to shell command injection. It constructs a command string using filenames found via the find command and then executes that string using eval. If a file in the processed directory has a malicious name (e.g., "; touch RCE; ".mp3), the eval call will execute the injected commands.
  • [PROMPT_INJECTION] (HIGH): The skill possesses a high-risk surface for Indirect Prompt Injection (Category 8).
  • Ingestion points: Untrusted audio and video files are processed for transcription in scripts/transcribe-audio.sh and scripts/batch-transcribe.sh.
  • Boundary markers: Absent. The transcribed text is output directly to the agent's context without any delimiters or 'ignore' instructions.
  • Capability inventory: The skill allows powerful operations including Bash, Read, Write, and Edit, meaning a successful injection via audio content could lead to significant unauthorized system actions.
  • Sanitization: Absent. There is no logic to sanitize or validate the content of the transcription before it is handled by the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 03:19 AM