music
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill constructs and executes shell commands to invoke the 'listenhub' CLI and manage configuration files.
- [EXTERNAL_DOWNLOADS]: The skill utilizes 'curl' to download generated audio files from URLs provided by the backend service.
- [PROMPT_INJECTION]: The skill ingests user-provided prompts and reference audio paths, creating an indirect prompt injection surface. Ingestion points: User-provided text prompts, style hints, titles, and reference audio URLs/paths. Boundary markers: Absent; the skill does not use specific delimiters to isolate user-provided content. Capability inventory: The skill can execute shell commands, perform network requests via 'curl', and write to the local file system. Sanitization: Absent; user inputs are interpolated directly into shell command templates.
Audit Metadata