together-audio
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill transcribes audio data which can contain embedded linguistic instructions, creating an indirect prompt injection surface for agents consuming the output.\n
- Ingestion points: Audio data is ingested via local file system paths and remote URLs in
scripts/stt_transcribe.py,scripts/stt_transcribe.ts, andreferences/stt-models.md.\n - Boundary markers: The scripts and documentation do not implement delimiters or specific instructions to the agent to treat the transcribed text as untrusted data.\n
- Capability inventory: The skill utilizes file system access (reading audio files, writing generated speech) and network access to Together AI's infrastructure (
api.together.aiandapi.together.xyz).\n - Sanitization: The transcription process does not include filtering or sanitization of the resulting text before it enters the agent's context.
Audit Metadata