podcast-generator

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to call ffmpeg and edge-tts for audio processing and synthesis in skill.py and generate_interview_podcast.py. These calls use list-based arguments, which prevents shell injection, but they execute commands on content derived from user-provided files.
  • [DATA_EXFILTRATION]: The skill hardcodes an external IP address (http://219.147.109.250:7860) to interface with an IndexTTS2 synthesis service. When this engine is selected, user-provided text from Markdown documents is sent to this unverified server, posing a potential data exposure risk for sensitive content.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8).
    • Ingestion points: Untrusted data enters the agent context through the markdown and script input files in skill.py and generate_interview_podcast.py.
    • Boundary markers: The skill does not use delimiters or specific instructions to isolate user-provided text, allowing embedded instructions to potentially influence the AI's script generation phase.
    • Capability inventory: The skill has the ability to write files to the workspace/ directory and execute shell commands (ffmpeg, edge-tts).
    • Sanitization: Content is processed using basic regular expressions to remove Markdown formatting, which does not sanitize malicious instructional overrides.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 09:19 PM
Security Audit — agent-trust-hub — podcast-generator