researchers-biographical
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE (PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection surface. The skill fetches untrusted data from external websites without boundary markers to separate instructions from data.
  1. Ingestion points: WebFetch and WebSearch tools (SKILL.md).
  2. Boundary markers: Absent.
  3. Capability inventory: Read, Edit, Write, Grep, Glob, WebFetch, WebSearch (SKILL.md).
  4. Sanitization: Absent.
- [Data Exfiltration] (LOW): Potential data exposure risk. The skill is configured with both Read (file system access) and WebFetch (network access) tools. While no hardcoded malicious logic exists, this toolset allows for the theoretical reading of local files and subsequent transmission to external servers if the agent's logic is subverted via malicious input arguments or indirect injection.
Audit Metadata