verify-sources
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection in its track verification process.
  - Ingestion points: The agent ingests potentially untrusted content from RESEARCH.md, SOURCES.md, and various track files via the Read tool.
  - Boundary markers: The instructions do not define delimiters or markers to isolate the ingested file content from the agent instructions.
  - Capability inventory: The skill has access to Edit, Bash, and the bitwize-music-mcp tool, representing a significant capability set if an injection occurred.
  - Sanitization: There is no evidence of validation or sanitization of the data read from external files before it is processed by the agent.
Audit Metadata