sound-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for Indirect Prompt Injection (Category 8) by combining data-ingestion tools with system-level capabilities.
- Ingestion points: The skill utilizes
mcp__firecrawl__firecrawl_searchandWebFetchto research documentation and fetch platform guidelines. - Boundary markers: There are no explicit instructions or delimiters provided to the agent for sanitizing or isolating untrusted content retrieved from external websites.
- Capability inventory: The agent is granted
Write,Edit, andBash(includingpython,node, andnpm) permissions, allowing for file modification and code execution based on instructions derived from processed data. - Sanitization: No specific sanitization or validation logic is defined for processing external documentation or search results.
Audit Metadata