live-recording
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides shell commands to initiate a background audio capture loop using
tmuxandbash. This loop invokes local system utilities includingffmpegfor audio recording,soxfor silence detection, andwhisper-clifor transcription. - [DATA_EXFILTRATION]: The skill is designed for persistent environmental audio capture via the system's microphone (avfoundation device
:1). While the transcriptions are stored locally in~/v/audio-capture.org, users should be aware of the inherent privacy implications of always-on recording. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection. Since environmental audio is transcribed into plain text and appended to an Org-mode file without sanitization or boundary markers, malicious instructions spoken in the environment could be transcribed. If an AI agent later processes this transcription file, those instructions could potentially influence its behavior.
Audit Metadata