hebrew-podcast-postproduction

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's components, including Python scripts and documentation, are consistent with its stated purpose. All referenced external resources are official documentation or well-known services.
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/generate_bundle.py) that generates executable Bash scripts containing FFmpeg commands for processing audio and video clips. This is a core feature for automating the podcast workflow.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external transcript files (Whisper JSON or SRT), which are used to populate social media captions and chapter titles.
  • Ingestion points: scripts/score_segments.py and scripts/generate_bundle.py read transcript data from files or stdin.
  • Boundary markers: None present; the skill interpolates transcript text directly into markdown and shell script templates.
  • Capability inventory: The skill can write files to the local system and generate executable shell scripts.
  • Sanitization: The skill performs Unicode-specific processing (e.g., stripping nikud vowel points) but does not specifically sanitize for adversarial instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 07:03 PM
Security Audit — agent-trust-hub — hebrew-podcast-postproduction