interview-transcription

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE | COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes external command-line tools to process audio and video files.
  • Evidence in SKILL.md: Uses subprocess.run to call whisper for transcription and ffmpeg for audio extraction.
  • Implementation detail: Commands are invoked using list-based arguments, which is a secure practice to prevent shell injection.
  • [PROMPT_INJECTION]: The skill is designed to process external, untrusted data (interview transcripts), which presents a surface for indirect prompt injection.
  • Ingestion points: The extract_quote function and transcription functions handle external text and media.
  • Boundary markers: None identified in the provided scripts.
  • Capability inventory: The skill can execute local shell commands (whisper, ffmpeg) and write files to the local file system.
  • Sanitization: No explicit sanitization or filtering of transcript content is implemented.
  • [SAFE]: No patterns of data exfiltration, credential harvesting, obfuscation, or unauthorized persistence were found. The skill's functionality is consistent with its stated purpose of interview management.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 01:24 AM