live-transcribe
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to manage the lifecycle of a background transcription process and handle API credentials. Specifically, it sources a local
.envfile and executes a Python script in the background usingnohup. - [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by transcribing live microphone audio into text files that the agent is encouraged to read. Spoken instructions captured from the environment could be misinterpreted as command directives by the agent.
- Ingestion points: The agent reads transcribed content from files in the
/tmp/transcribe-*.txtpattern. - Boundary markers: No delimiters or instructions to ignore embedded commands are specified when the agent reads the transcribed text.
- Capability inventory: The skill allows for shell command execution, process management, and file system access.
- Sanitization: There is no evidence of text sanitization or filtering applied to the transcription output before it is processed by the agent.
Audit Metadata