ai-podcast-creation

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the infsh command-line utility to interact with the inference.sh platform, executing commands for authentication and running hosted AI models for audio generation and media merging.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests the installation of additional skill packages (e.g., inference-sh/skills@agent-tools) using the npx skills add command, which downloads external code from a remote repository.
  • [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection surface in its 'NotebookLM-Style Content' workflow by interpolating untrusted document text directly into an LLM prompt.
    1. Ingestion points: The <your-document-content> placeholder in the script generation prompt in SKILL.md.
    2. Boundary markers: The prompt template lacks specific delimiters or 'ignore instructions' warnings to isolate the document content from the script-writing instructions.
    3. Capability inventory: The skill has the capability to execute shell commands via the infsh tool.
    4. Sanitization: There is no evidence of sanitization or validation for the document content before it is processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 10:17 PM
Security Audit — agent-trust-hub — ai-podcast-creation