giggle-generation-music
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill manages a sensitive API key (`GIGGLE_API_KEY`). It adheres to security best practices by instructing the agent to read this key from system environment variables rather than passing it through insecure command-line parameters or configuration files.
- [EXTERNAL_DOWNLOADS]: The script communicates exclusively with the vendor's official domain `giggle.pro` to submit generation tasks and retrieve results. This is consistent with the skill's stated purpose and originates from the author's own infrastructure.
- [COMMAND_EXECUTION]: The skill executes a local Python script (`scripts/giggle_music_api.py`) to interact with the API. The command-line arguments are structured to handle user-provided strings (prompts and lyrics) as inputs for music generation.
- [PROMPT_INJECTION]: The skill processes user-supplied descriptions and lyrics which are forwarded to an external AI model. While this creates a surface for indirect prompt injection (content intended to manipulate the music generation AI), it is a necessary part of the skill's primary functionality and does not pose a direct threat to the agent's operating environment.
Audit Metadata