Skills
skills/bitwize-music-studio/claude-ai-music-skills/next-step/Gen Agent Trust Hub

next-step

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill analyzes project files like 'SOURCES.md' and track data using the Read, Glob, and Grep tools to determine its recommendations. This creates a surface where malicious content inside those files could influence the agent's logic.
  • Ingestion points: Project files and track data read via file-system tools.
  • Boundary markers: Absent; there are no instructions to ignore embedded commands within the files being read.
  • Capability inventory: The skill can discover and read files (Glob, Read, Grep) and directs the user to execute other skills in the same namespace.
  • Sanitization: Absent; the logic assumes the content of project files is trustworthy and follows the expected schema.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 07:19 AM