melogen
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill installs the 'melogenai' Python package via pip. This unverifiable package installation is a potential risk but is downgraded from MEDIUM to LOW because it is the primary tool required for the skill's core functionality.
- [PROMPT_INJECTION] (LOW): An indirect prompt injection surface is present in the music analysis feature. 1. Ingestion points: The 'melogen analysis' command in SKILL.md processes PDF, Image, and MusicXML files from external URLs. 2. Boundary markers: No boundary markers or 'ignore' instructions are provided to the agent when processing these files. 3. Capability inventory: The skill has permission to execute 'melogen' CLI commands (SKILL.md), which are used to process these external files. 4. Sanitization: There is no evidence of content sanitization or validation in the provided instructions.
- [COMMAND_EXECUTION] (SAFE): Use of the Bash tool is limited to the 'melogen' CLI and the initial pip installation, which prevents arbitrary command execution.
- [DATA_EXFILTRATION] (SAFE): The use of the 'MELOGEN_API_KEY' and network requests to 'melogenai.com' are clearly documented requirements for the service and do not appear to involve unauthorized access to sensitive local data.
Audit Metadata