agent-right-brain
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's core functionality relies on executing the rawgenai binary with various arguments to perform creative tasks such as TTS, STT, and media generation.
- [EXTERNAL_DOWNLOADS]: Instructions guide the user to install a CLI tool from a third-party Homebrew tap (WHQ25/tap/rawgenai) managed by the skill's author.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when processing external content.
  - Ingestion points: Audio files provided for STT (rawgenai stt) and JSON files used for the dialogue feature (rawgenai elevenlabs dialogue -i script.json).
  - Boundary markers: No explicit markers or delimiters are used in the prompt instructions to isolate the output of these tools.
  - Capability inventory: The agent can execute shell commands via the rawgenai utility, which interacts with external web services.
  - Sanitization: There is no mention of sanitizing or escaping the text returned from STT or JSON parsing before it enters the agent's context.
Audit Metadata