whisper
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation describes the usage of the official and well-known OpenAI Whisper library for audio processing.
- [COMMAND_EXECUTION]: Provides standard instructions for installing system dependencies (ffmpeg) and using the whisper command-line interface.
- [EXTERNAL_DOWNLOADS]: Lists standard, reputable Python dependencies including openai-whisper, transformers, and torch from public registries.
- [DATA_EXPOSURE]: Includes examples for reading local audio files and writing transcription results to local text files, with no evidence of network exfiltration of sensitive data.
- [PROMPT_INJECTION]: The skill processes untrusted audio data through the transcribe function (Ingestion: audio.mp3 in SKILL.md). While it lacks explicit boundary markers or sanitization, its capabilities are limited to printing or writing output to local text files (Capability: file-write in SKILL.md), presenting a low risk of systemic compromise.
Audit Metadata