Skills
skills/elizaos/eliza/openai-whisper-api/Gen Agent Trust Hub

openai-whisper-api

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: Transmits audio data and the user's OpenAI API key to api.openai.com. This is the core functionality of the skill and targets a well-known service.
  • [COMMAND_EXECUTION]: Executes the curl command to interact with the remote API. The shell script properly quotes variables and uses set -euo pipefail to ensure robust and safe execution.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external audio data.
  • Ingestion points: Input audio file path passed to scripts/transcribe.sh.
  • Boundary markers: None are present in the transcription output file.
  • Capability inventory: Performs network requests via curl and writes transcription results to the local filesystem.
  • Sanitization: Validates the existence of the input file and uses shell quoting for all parameters passed to the curl command.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 08:01 AM