byted-podcast-gen
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to execute a local Python script
scripts/podcast.pyto process inputs and manage the audio synthesis workflow. This execution is scoped to the skill's directory and performs expected tasks. - [EXTERNAL_DOWNLOADS]: The script establishes a WebSocket connection to
openspeech.bytedance.com. This domain is owned by the vendor (ByteDance) and is the official endpoint for the required PodcastTTS service. No unverified third-party domains are contacted. - [PROMPT_INJECTION]: The skill processes untrusted data from user-provided URLs and long-form text (Category 8 surface). While it lacks explicit boundary markers for this data, the risk is mitigated as the primary output is a generated audio file, and the data does not influence the agent's privilege level or system instructions. The risk is considered acceptable for its primary content-generation purpose.
- [SAFE]: The skill implements secure credential handling in
scripts/api_key.py. It uses environment variables and.envfiles to store sensitive API keys and explicitly sets restrictive file permissions (0o600) to prevent local unauthorized access.
Audit Metadata