text-to-speech
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
beltCLI tool via theBashtool to interact with the inference.sh platform and run various text-to-speech models, such asbelt app run inworld/text-to-speech-2andbelt app run infsh/kokoro-tts. - [EXTERNAL_DOWNLOADS]: The documentation references external resources for installation, including a GitHub-hosted installation script (
cli-install.mdfrom theinference-shorganization) and usesnpxto install additional functional skills (e.g.,belt-sh/cli). These are standard dependencies for the skill's operation. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted text data via the
--inputparameter inbeltcommands (as seen inSKILL.md). There are no explicit boundary markers or sanitization steps shown in the examples to prevent the engine from processing instructions that might be embedded in the user-provided text. This is documented as an inherent risk of the skill's primary function of processing text for speech synthesis.
Audit Metadata