voice-validator

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
DATA_EXFILTRATION
Full Analysis
  • [DATA_EXFILTRATION]: The skill implements an indirect prompt injection surface by ingesting and processing untrusted external content.
    • Ingestion points: External content is loaded in 'Phase 1: IDENTIFY TARGET' (Step 2) to be validated and refined.
    • Boundary markers: The instructions do not specify the use of delimiters (e.g., XML tags, triple backticks) or 'ignore embedded instructions' warnings when handling the target content.
    • Capability inventory: The skill has access to high-privilege tools including Bash, Write, Edit, Task, and Skill, which could be exploited if the agent follows instructions embedded within the processed text.
    • Sanitization: There is no mention of sanitizing, escaping, or validating the input text before the agent 'addresses violations' or 'applies fixes' using its tools.
  • [COMMAND_EXECUTION]: The skill includes Bash in its allowed-tools list. While the instructions focus on text editing and validation, the availability of a shell environment alongside the processing of user-supplied text increases the potential impact of indirect prompt injection.
  • [SAFE]: No hardcoded credentials, malicious remote code execution patterns, or persistence mechanisms were detected in the skill logic. The metadata and implementation align with the stated purpose of voice fidelity validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 1, 2026, 05:55 AM