songsee
Warn
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
songseebinary via a third-party Homebrew tap (steipete/tap/songsee). This involves fetching software from a source that is not part of the established trusted vendor list. - [COMMAND_EXECUTION]: The skill instructions and examples involve direct shell command execution of the
songseetool, including operations like piping file content into the binary (cat track.mp3 | songsee -). - [REMOTE_CODE_EXECUTION]: By specifying a third-party brew formula in the installation metadata, the skill facilitates the downloading and execution of external code on the user's system.
Audit Metadata