sonoscli
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the Sonos CLI utility from a third-party GitHub repository (
github.com/steipete/sonoscli) using the Go build system during the setup phase. - [COMMAND_EXECUTION]: The skill functions by executing the
sonosbinary with various subcommands and flags to interact with hardware devices. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it interpolates user-provided strings directly into command-line arguments.
- Ingestion points: User-provided speaker names (
--name), search queries, and IP addresses are accepted as input. - Boundary markers: No explicit delimiters or boundary markers are defined to ensure the agent treats user input strictly as data.
- Capability inventory: The skill possesses the capability to execute shell commands and perform network operations on the local subnet.
- Sanitization: There is no evidence of input validation or sanitization within the skill metadata to prevent argument injection.
Audit Metadata