voice-isolate

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/extract_voice.py uses subprocess.run to invoke ffmpeg for extracting audio from video files and for MP3 encoding. These calls use a list of arguments (non-shell mode), which is a secure practice that mitigates command injection risks.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes standard, reputable Python packages for audio processing and machine learning. As noted in the documentation, the demucs library downloads pre-trained model weights upon first execution, which is standard and expected behavior for this tool.
  • [SAFE]: Static analysis of the instructions and scripts shows no evidence of prompt injection, data exfiltration, obfuscation, or attempts to gain unauthorized persistence or privileges. The code's behavior aligns exactly with its stated purpose of audio isolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 01:40 AM