lyric-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected. The use of terms like 'CRITICAL' and 'IMPORTANT' within the documentation refers to the business logic of the lyric review process and does not target the agent's underlying safety guardrails.
- [SAFE]: The skill uses local file system tools (Read, Edit, Glob, Grep) to analyze and update lyric files and research documentation. These operations are restricted to the local workspace and are consistent with the skill's stated purpose.
- [SAFE]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from lyric tracks and 'RESEARCH.md' to perform file edits. However, this is a low-risk surface given that the operations are limited to text replacement in markdown files and the skill lacks network access or the ability to execute system commands. The ingestion points include track files and 'RESEARCH.md' (SKILL.md); boundary markers and sanitization are absent; the capability inventory includes file read/write and search (Read, Edit, Glob, Grep).
Audit Metadata