local-media-transcription

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs and executes PowerShell commands (e.g., whisper, ffmpeg, ffprobe) using user-provided file paths. Although the placeholders are wrapped in double quotes, paths containing malicious characters or escape sequences could potentially lead to command injection.
  • [EXTERNAL_DOWNLOADS]: The reference documentation includes instructions for installing third-party Python packages (whisperx, pyannote.audio) using pip. These are well-known tools in the transcription and audio analysis ecosystem.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it transcribes external media and then instructs the agent to summarize or organize the resulting text. Malicious instructions embedded in the audio/video content could attempt to influence the agent's behavior during the summarization phase.
  • Ingestion points: Local media files (MP4, M4A, MP3, WAV, WEBM) as described in SKILL.md and references/transcription-workflow.md.
  • Boundary markers: None present to separate transcribed text from instructions.
  • Capability inventory: PowerShell script execution and local file system access (read/write).
  • Sanitization: No explicit validation or sanitization is performed on the transcribed text before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 06:41 PM
Security Audit — agent-trust-hub — local-media-transcription