podcast
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill extensively uses the
voxflowcommand-line interface to generate podcast scripts and synthesize audio. Commands includevoxflow podcast,voxflow login, andvoxflow status. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
voxflowpackage from the official NPM registry as a prerequisite. - [PROMPT_INJECTION]: The skill acts as a surface for indirect prompt injection (Category 8) because it processes untrusted user-provided topics and potentially content from URLs to generate podcast dialogue.
- Ingestion points: User-supplied topics via the
--topicflag and potentially URLs mentioned in the description (SKILL.md). - Boundary markers: None explicitly defined in the provided commands to isolate the topic content from the generation logic.
- Capability inventory: The skill executes shell commands (
voxflow) and writes files to the local system (.wav,.json,.txt). - Sanitization: Not explicitly documented; the skill relies on the underlying LLM engine and
voxflowCLI for content safety.
Audit Metadata