speech
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a bundled Python script
scripts/text_to_speech.pyto interact with the OpenAI API. It includes logic to handle batch jobs via JSONL files and manage file system paths for output storage. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
openaiPython package from the official Python Package Index (PyPI). It directs the agent to useuvorpipfor installation. - [DATA_EXPOSURE]: The skill requires an
OPENAI_API_KEYto function. It explicitly instructs the agent never to ask the user to paste the key into the chat, instead advising them to set it as a local environment variable. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user-provided text and style instructions which are then sent to the OpenAI Audio API.
- Ingestion points: User input provided via CLI flags (
--input,--instructions) or read from local files (--input-file,--instructions-file) inscripts/text_to_speech.py. - Boundary markers: Absent. The skill does not use delimiters or specific instructions to prevent the model from following commands embedded in the input text.
- Capability inventory: File system writes (audio output and temporary JSONL files), and outbound network access to the OpenAI API.
- Sanitization: Absent. Input text is passed directly to the API after basic validation of character length.
Audit Metadata