deepgram-python-voice-agent

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill encourages the use of environment variables for API key management rather than hardcoding credentials.
      • Evidence: The Authentication section demonstrates using python-dotenv and load_dotenv() to initialize the DeepgramClient safely.
  • [EXTERNAL_DOWNLOADS]: The documentation references an installation command for additional vendor resources.
      • Evidence: The 'Central product skills' section recommends npx skills add deepgram/skills, which targets the official repository of the vendor.
  • [DATA_EXFILTRATION]: The skill transmits audio and text data to a vendor API endpoint as part of its core functionality.
      • Evidence: The code samples establish a WebSocket connection to wss://agent.deepgram.com/v1/agent/converse and use agent.send_media(chunk) to stream user audio.
  • [PROMPT_INJECTION]: The skill processes user-supplied audio and text via an LLM, representing a surface for indirect prompt injection.
      • Ingestion points: User audio stream (via mic_chunks) and text injection (via AgentV1InjectUserMessage).
      • Boundary markers: None explicitly mentioned in the provided code snippets to distinguish user input from instructions.
      • Capability inventory: Persistent WebSocket connection capable of STT, LLM reasoning, and TTS synthesis.
      • Sanitization: No explicit validation or filtering of external input is demonstrated in the examples.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 01:46 PM