songsee
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata contains an installation instruction that uses Homebrew to fetch the 'songsee' formula from a third-party tap located at 'steipete/tap/songsee'.\n- [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute the 'songsee' binary with various command-line flags to process audio files and generate image outputs.\n- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface as it is designed to ingest and process untrusted audio data. (Mandatory Evidence Chain: 1. Ingestion points: Audio files processed via the 'songsee' command as seen in SKILL.md. 2. Boundary markers: Absent; there are no instructions to the agent to disregard instructions potentially embedded in metadata or data streams. 3. Capability inventory: Execution of the 'songsee' binary and writing of image files to the file system. 4. Sanitization: Absent; the skill relies on the security of the underlying 'songsee' binary and 'ffmpeg' library to handle media parsing.)
Audit Metadata