speech-to-text
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes a local vendor-provided binary at
/home/user/.local/bin/rebyte-authto obtain authentication tokens for API requests. - [COMMAND_EXECUTION]: Uses a
python3subprocess call to parse the vendor's local configuration file at~/.rebyte.ai/auth.jsonfor retrieving the service URL. - [EXTERNAL_DOWNLOADS]: Performs network requests via
curlto transmit audio data and bearer tokens to a remote API endpoint for processing. - [PROMPT_INJECTION]: Susceptible to indirect prompt injection (Category 8) where speech within processed audio files could be interpreted by the agent as instructions.
- Ingestion points: Audio files processed through the
fileparameter. - Boundary markers: No specific boundary markers or instructions are provided to distinguish transcribed text from the agent's system prompt.
- Capability inventory: The skill utilizes network communication (
curl) and local file access as part of its standard workflow. - Sanitization: Transcribed text is returned without sanitization or validation of the spoken content.
Audit Metadata