ace-music
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/generate.shexecutes system commands includingcurlfor API communication andpython3for data processing. - Uses
python3for robust JSON escaping of user-provided prompts and lyrics to prevent payload breakage. - Uses
python3to decode base64 audio data from the API response and write it to the local filesystem. - [EXTERNAL_DOWNLOADS]: The skill communicates with an external API to fetch generated audio content.
- Network requests are directed to
api.acemusic.ai, which is the official endpoint for the service described in the skill. - Audio files are downloaded and saved locally as MP3 files as part of the intended functionality.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it accepts user-provided text for music prompts and lyrics which are processed by a downstream model.
- Ingestion points: CLI arguments in
scripts/generate.sh(--prompt,--lyrics) used to build the API request. - Boundary markers: The script wraps input in
<prompt>and<lyrics>tags to provide structure and context for the AI model. - Capability inventory: Performs network requests to a specific vendor API and writes binary audio files to the current directory.
- Sanitization: Implements proper JSON escaping using a Python subprocess to ensure user input does not escape the data field of the JSON payload.
Audit Metadata