byted-podcast-gen
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior is consistent with its stated purpose of generating podcast audio via the Bytedance Volcengine service.
- [DATA_EXFILTRATION]: The skill transmits user-provided text and URL content to the official Bytedance endpoint (openspeech.bytedance.com) for processing. This is a core feature and targets the vendor's own well-known service infrastructure.
- [COMMAND_EXECUTION]: The skill executes Python scripts to manage WebSocket connections and binary protocol serialization for audio synthesis.
- [CREDENTIALS_UNSAFE]: The script scripts/api_key.py manages API keys by interacting with the Bytedance Ark API. It stores keys in a local .env file with appropriate permissions (chmod 0o600) when the python-dotenv library is available, which is a standard security practice for credential management.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from external URLs or local files. This represents an indirect prompt injection surface where the content could potentially influence the podcast generation logic at the API level.
- Ingestion points: scripts/podcast.py reads data from user-supplied URLs or text inputs via the --input_url and --text arguments.
- Boundary markers: No explicit delimiter markers are observed when passing text content to the backend API in _generate.
- Capability inventory: The skill has network access (WebSocket) and file writing capabilities (saving audio output).
- Sanitization: No content sanitization is performed on the input text before transmission to the remote service.
Audit Metadata