Skills
skills/bitwize-music-studio/claude-ai-music-skills/test/Gen Agent Trust Hub

test

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill utilizes the Bash tool to execute python3 -m pytest on local test suites. This involves dynamic execution but is justified as it is the primary purpose of the test runner.
  • [PROMPT_INJECTION] (LOW): An indirect prompt injection surface exists because the skill reads and processes local files using Read and Grep without explicit sanitization or boundary markers.
  • Ingestion points: Local project files and documentation accessed during test execution (e.g., via Read and Grep).
  • Boundary markers: Absent; the agent is not explicitly instructed to treat file content as untrusted or separate from instructions.
  • Capability inventory: Bash (command execution), Read (file access), Grep (pattern matching), and Glob (file discovery).
  • Sanitization: No sanitization or validation of the content of the files being read is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 22, 2026, 06:57 AM