voice-checker
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted text data from lyrics and prose files provided via user arguments, which creates a surface for indirect prompt injection where instructions embedded in the data could attempt to influence the generated report.
- Ingestion points: Reads files from paths specified in $ARGUMENTS, including track files, README.md, and promo documents.
- Boundary markers: The instructions do not define delimiters or provide specific warnings to the agent to ignore instructions embedded in the content being reviewed.
- Capability inventory: The skill is restricted to Read, Glob, and Grep tools; it lacks network access, file-writing capabilities, or tools for arbitrary code execution.
- Sanitization: No sanitization, validation, or filtering of the processed text content is described in the skill instructions.
Audit Metadata