Skills
skills/google-gemini/gemini-managed-agents-templates/tts-generation/Gen Agent Trust Hub

tts-generation

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • System Command Execution: The skill uses subprocess.run() to invoke ffmpeg for audio processing. This is a standard practice for applying audio filters like the telephone effect mentioned in the documentation.
  • Evidence: Found in scripts/generate_tts.py within the apply_telephone_filter function, which uses a list-based argument structure (a secure coding practice) to call ffmpeg.
  • Data Ingestion for Processing: The skill reads a local script file (script.md) to generate speech. While the data is untrusted, the skill uses structured parsing and passes the text to an official AI SDK for conversion, which is the intended use case.
  • Evidence: The main() function reads from {workspace}/data/script.md and passes content to the split_script_by_turns and generate_tts_single functions.
  • External API Interaction: The skill interacts with the Google GenAI Interactions API to generate speech. This uses official client libraries and targets established service endpoints.
  • Evidence: Usage of the google.genai client and gemini-3.1-flash-tts-preview model in scripts/generate_tts.py.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 06:58 AM
Security Audit — agent-trust-hub — tts-generation