voice-processing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): Shell command injection vulnerability in `scripts/clone-voice.sh`. The script constructs a `curl` command string using variables like `$VOICE_NAME`, `$DESCRIPTION`, and `$file` without any sanitization or shell escaping, and then executes the resulting string using `eval`. An attacker providing a malicious name (e.g., one containing `; whoami`) can execute arbitrary shell commands.
  - Evidence: `RESPONSE=$(eval "$CURL_CMD")` in `scripts/clone-voice.sh`.
- [COMMAND_EXECUTION] (MEDIUM): Potential Python code injection in `examples/professional-cloning/clone-workflow.sh`. Filenames found on the local filesystem are directly interpolated into a Python code string passed to `python -c`. A filename containing a single quote could terminate the intended string and execute malicious Python code.
  - Evidence: `duration=$(python -c "from pydub import AudioSegment; print(len(AudioSegment.from_file('$file')) / 1000.0)" ...)` in `examples/professional-cloning/clone-workflow.sh`.
- [COMMAND_EXECUTION] (MEDIUM): Runtime script generation and execution in `examples/professional-cloning/clone-workflow.sh`. The workflow generates a monitoring script (`monitor_${VOICE_ID}.sh`) and uses `chmod +x` to make it executable. This dynamic code creation increases the attack surface and the risk of persistence or unauthorized execution if the generation logic is compromised.
  - Evidence: `cat > "monitor_${VOICE_ID}.sh" <<'MONITOR_SCRIPT' ...` followed by `chmod +x "monitor_${VOICE_ID}.sh"` in `examples/professional-cloning/clone-workflow.sh`.
Recommendations
- AI detected serious security threats