audio-transcription

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads machine learning models from the mlx-community organization on Hugging Face using the huggingface-hub library. Hugging Face is a well-known and established service for model distribution.
  • [COMMAND_EXECUTION]: The main script transcribe-audio.py uses subprocess.run to execute transcription tasks via uvx. The commands are constructed using argument lists rather than shell strings, which is a security best practice for preventing command injection.
  • [DATA_EXFILTRATION]: The skill manages temporary file storage in local /private/tmp/ directories for processing audio inputs and storing transcripts. These operations are confined to the local filesystem and do not involve unauthorized network transmission.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:04 PM
Security Audit — agent-trust-hub — audio-transcription