skills/plurigrid/asi/live-recording/Gen Agent Trust Hub

live-recording

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides shell commands to initiate a background audio capture loop using tmux and bash. This loop invokes local system utilities including ffmpeg for audio recording, sox for silence detection, and whisper-cli for transcription.
  • [DATA_EXFILTRATION]: The skill is designed for persistent environmental audio capture via the system's microphone (avfoundation device :1). While the transcriptions are stored locally in ~/v/audio-capture.org, users should be aware of the inherent privacy implications of always-on recording.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection. Since environmental audio is transcribed into plain text and appended to an Org-mode file without sanitization or boundary markers, malicious instructions spoken in the environment could be transcribed. If an AI agent later processes this transcription file, those instructions could potentially influence its behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 10:21 AM
Security Audit — agent-trust-hub — live-recording