testing-whisper
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The SKILL.md file suggests an optional installation method that downloads static FFmpeg binaries from johnvansickle.com and extracts them into /usr/local/bin/.
- [PROMPT_INJECTION]: The skill processes untrusted audio data that could contain indirect prompt injection instructions.
  - Ingestion points: User-provided WAV files are loaded and transcribed in transcribe.py.
  - Boundary markers: Transcription results are presented with explicit labels (e.g., transcription: "...") in the script output, providing some context but not preventing the agent from following instructions contained within the text.
  - Capability inventory: The skill's primary script performs audio processing and transcription; it does not contain code for file writing, network exfiltration, or arbitrary command execution.
  - Sanitization: There is no validation or filtering of the transcribed text to detect or remove potential malicious instructions before the output is returned to the agent.
Audit Metadata