tutorial

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill uses the Bash tool to execute directory creation commands (mkdir -p) that incorporate variables such as artist name and album title derived directly from user input. This pattern relies on the agent's internal safety filters to prevent command injection as there is no explicit sanitization logic in the skill.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it ingests and processes data from the local filesystem that may contain user-controlled content.
    1. Ingestion points: User-provided artist/album names and the content of existing artist README files.
    2. Boundary markers: Absent.
    3. Capability inventory: Bash, Write, Edit, Read, Glob, Grep.
    4. Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 22, 2026, 06:37 AM