resume

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill exposes a surface for indirect prompt injection because it reads and processes data from the local filesystem that could be attacker-controlled.
    • Ingestion points: The skill ingests untrusted data from the filesystem via MCP tools such as find_album, get_album_progress, and list_tracks (e.g., track names and statuses).
    • Boundary markers: Absent. The skill does not use delimiters or instruct the model to ignore commands embedded in the retrieved data.
    • Capability inventory: The skill allows access to the Bash, Read, and Glob tools, which could be exploited if malicious instructions were successfully injected.
    • Sanitization: Absent. Filesystem-derived strings are interpolated directly into the status report provided to the user.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 22, 2026, 06:48 AM