transcribe
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses the official and well-known
openailibrary for all transcription and diarization functionality. - [SAFE]: Sensitive information like the OpenAI API key is handled through standard environment variables, and the instructions explicitly advise against insecurely sharing keys in chat.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted audio data which could contain malicious spoken instructions.
- Ingestion points: Audio files are read and processed by the
scripts/transcribe_diarize.pyscript and passed to the OpenAI API. - Boundary markers: No specific delimiters or boundary instructions are used to isolate the resulting transcript within the agent's prompt context.
- Capability inventory: The bundled Python script has permissions to read local files, write transcripts to disk, and make outbound network requests to the OpenAI API.
- Sanitization: The skill does not perform sanitization or validation on the content of the audio files or the generated text output.
Audit Metadata