speech

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a bundled Python script scripts/text_to_speech.py to interact with the OpenAI API. It includes logic to handle batch jobs via JSONL files and manage file system paths for output storage.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the openai Python package from the official Python Package Index (PyPI). It directs the agent to use uv or pip for installation.
  • [DATA_EXPOSURE]: The skill requires an OPENAI_API_KEY to function. It explicitly instructs the agent never to ask the user to paste the key into the chat, instead advising them to set it as a local environment variable.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user-provided text and style instructions which are then sent to the OpenAI Audio API.
  • Ingestion points: User input provided via CLI flags (--input, --instructions) or read from local files (--input-file, --instructions-file) in scripts/text_to_speech.py.
  • Boundary markers: Absent. The skill does not use delimiters or specific instructions to prevent the model from following commands embedded in the input text.
  • Capability inventory: File system writes (audio output and temporary JSONL files), and outbound network access to the OpenAI API.
  • Sanitization: Absent. Input text is passed directly to the API after basic validation of character length.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — speech