byted-podcast-tts

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a legitimate integration with ByteDance's official Podcast TTS service. All network communication is established with the official and trusted domain openspeech.bytedance.com using a secure WebSocket protocol.
  • [PROMPT_INJECTION]: The skill provides an indirect prompt injection surface by ingesting untrusted data through topics, URLs, and long-form text that are sent to the generation engine. However, this is part of the intended functionality and is handled by the service provider's safety guardrails.
    • Ingestion points: Inputs are accepted via the text, input_url, and prompt_text arguments in scripts/podcast.py.
    • Boundary markers: None explicitly implemented; the skill sends the content directly to the synthesis API.
    • Capability inventory: The script is authorized to write audio files to the local output/ directory.
    • Sanitization: Input validation and safety filtering are managed by the ByteDance API on the server side.
  • [DATA_EXFILTRATION]: The _load_json_value function in scripts/podcast.py allows reading local JSON files if a file path is passed as a command-line argument. While this is designed for loading speaker configurations and NLP data, it technically allows the agent to read local files. This behavior is considered low risk as it is restricted to JSON format and the data is sent to a trusted service.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 11:47 PM