Skills
skills/jgarrison929/openclaw-skills/sonoscli/Gen Agent Trust Hub

sonoscli

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the sonos binary using go install github.com/steipete/sonoscli/cmd/sonos@latest. This downloads and compiles code from a third-party repository not included in the trusted vendors list.
  • [COMMAND_EXECUTION]: The skill relies on executing the sonos binary to perform its functions, such as discovering devices, controlling playback, and managing groups. This requires the agent to spawn subprocesses.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through data it processes from external sources.
  • Ingestion points: The skill reads and processes data from local Sonos speakers (via sonos status, sonos queue list, and sonos favorites list) and from the Spotify API (via sonos smapi search).
  • Boundary markers: The instructions do not define clear delimiters or provide 'ignore embedded instructions' warnings for data returned by the CLI tool.
  • Capability inventory: The skill has the capability to execute the sonos binary with various parameters, potentially influenced by the data it reads.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the content returned by the speakers or external APIs before it enters the agent context.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 05:32 PM