speech-to-text

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a local vendor-provided binary at /home/user/.local/bin/rebyte-auth to obtain authentication tokens for API requests.
  • [COMMAND_EXECUTION]: Uses a python3 subprocess call to parse the vendor's local configuration file at ~/.rebyte.ai/auth.json for retrieving the service URL.
  • [EXTERNAL_DOWNLOADS]: Performs network requests via curl to transmit audio data and bearer tokens to a remote API endpoint for processing.
  • [PROMPT_INJECTION]: Susceptible to indirect prompt injection (Category 8) where speech within processed audio files could be interpreted by the agent as instructions.
  • Ingestion points: Audio files processed through the file parameter.
  • Boundary markers: No specific boundary markers or instructions are provided to distinguish transcribed text from the agent's system prompt.
  • Capability inventory: The skill utilizes network communication (curl) and local file access as part of its standard workflow.
  • Sanitization: Transcribed text is returned without sanitization or validation of the spoken content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 02:19 PM
Security Audit — agent-trust-hub — speech-to-text