music-to-storyboard
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill executes
python3 -m music_analyzer storyboard "<input_path>". The<input_path>variable is directly controlled by the user. If the underlying environment does not strictly sanitize this input, an attacker can escape the double quotes and execute arbitrary shell commands (e.g., by providing a path like"; rm -rf / #). - EXTERNAL_DOWNLOADS (MEDIUM): The skill relies on a non-standard Python module named
music_analyzer. This package is not from a trusted source or organization, posing a supply chain risk as its behavior cannot be verified. - PROMPT_INJECTION (LOW): Indirect prompt injection surface (Category 8) detected. 1. Ingestion points: User-provided audio files or JSON analysis data. 2. Boundary markers: None; the skill assumes valid data. 3. Capability inventory: Execution of subprocess commands via
python3 -m. 4. Sanitization: No validation or escaping is mentioned before passing data to the analyzer or using its output for visual descriptions.
Recommendations
- AI detected serious security threats
Audit Metadata