Skills
skills/openclaw/skills/audio-mastering-cli/Gen Agent Trust Hub

audio-mastering-cli

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local PowerShell script named master_media.ps1 to process audio and video files.
  • Evidence: Found in the execution flow of SKILL.md and usage examples in README.md.
  • The command uses the -ExecutionPolicy Bypass flag. While common for running local scripts on Windows without configuration changes, it bypasses safety restrictions designed to prevent unauthorized script execution.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) because it interpolates user-provided file paths directly into a system command string.
  • Ingestion points: The <ruta-archivo> input parameter in SKILL.md is used to construct the command line.
  • Boundary markers: Absent; there are no delimiters or instructions to the agent to treat the input string as non-executable data.
  • Capability inventory: The skill has the capability to execute shell commands via PowerShell and access the file system for read/write operations.
  • Sanitization: Absent; the skill definition does not demonstrate any sanitization, escaping, or validation of the input path before it is interpolated into the command.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:51 PM