music-to-dreamina
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill executes a shell command
python3 -m music_analyzer dreamina "<input_path>"where<input_path>is directly provided by the user. An attacker could provide a malicious path such asfile.json"; touch /tmp/pwned; #to execute arbitrary commands on the system. - EXTERNAL_DOWNLOADS (MEDIUM): The skill relies on a non-standard Python module
music_analyzer. Since this package is not a known trusted dependency and no installation source is provided, it represents an unverifiable dependency risk. - PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface by ingesting external data (audio files or JSON analysis).
- Ingestion points:
<audio_file_or_analysis_json>parameter. - Boundary markers: None identified; user input is passed directly to the analysis tool.
- Capability inventory: Subprocess execution via
python3 -m music_analyzer. - Sanitization: No evidence of path sanitization or input validation before command execution.
Recommendations
- AI detected serious security threats
Audit Metadata