text-agent-to-nova-sonic-voice

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate technical resource for developers. All code and instructions are consistent with the stated purpose of facilitating text-to-voice migration for AI agents.
  • [EXTERNAL_DOWNLOADS]: The skill requires standard dependencies such as FastAPI, Boto3, and the Strands SDK, which are available through official package registries. Documentation also includes instructions for installing system libraries like portaudio via trusted package managers (Brew, Apt).
  • [COMMAND_EXECUTION]: The documentation and examples include standard shell commands for environment setup (pip install, virtual environment creation) and running the FastAPI servers. These are necessary for the skill's functionality and do not contain malicious patterns.
  • [PROMPT_INJECTION]: The skill provides detailed guidance and templates for rewriting system prompts to optimize them for voice interaction (e.g., enforcing brevity, spelling out numbers). These are legitimate instructions for defining agent behavior and do not attempt to bypass safety filters.
  • [SAFE]: The orchestrator component receives agent configuration, including the system prompt, via a WebSocket event from the client. While this represents a data ingestion point, it is a functional requirement for the developer-centric nature of this migration utility.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 02:38 AM
Security Audit — agent-trust-hub — text-agent-to-nova-sonic-voice