voice-generation

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/gemini_tts.py utilizes subprocess.run to call the gcloud CLI tool to automatically detect and retrieve the project ID for Google Cloud/Vertex AI authentication.
  • [DATA_EXFILTRATION]: The voice generation scripts (elevenlabs.py, gemini_tts.py, and openai_tts.py) access sensitive file paths including ~/.env and ~/.config/skills/.env to load API credentials for authentication. This access is limited to retrieving keys for the legitimate operation of the text-to-speech services.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the lack of input sanitization in the voice synthesis process.
  • Ingestion points: Untrusted data enters the skill via the --text and --style arguments in scripts/gemini_tts.py.
  • Boundary markers: Content and instructions are concatenated without the use of protective delimiters or 'ignore' warnings.
  • Capability inventory: The skill utilizes the Google Gemini API to generate audio content based on provided prompts.
  • Sanitization: Input text is processed directly without escaping or validation before being passed to the multimodal generation endpoint.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 08:40 PM