explicit-checker
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection via the processing of untrusted lyrics data.
- Ingestion points: Lyrics content is ingested from the file system through the
extract_sectiontool via paths provided in$ARGUMENTS. - Boundary markers: Absent; the workflow does not specify delimiters or system-level instructions to ignore potential commands embedded within the lyrics text.
- Capability inventory: The skill utilizes
Read,Glob, andGrepfor file system interaction. - Sanitization: Absent; no logic is provided to filter or escape instructions that might be hidden in the track lyrics.
- [Data Exposure & Exfiltration] (SAFE): The skill limits its file access to the album and track paths provided by the user. No sensitive directory access (e.g., SSH, AWS config) or hardcoded credentials were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations (pip, npm) or remote script downloads (curl | bash) are present. The skill relies on local MCP tools.
Audit Metadata