Skills
skills/raphaelsalaja/audio/create-sound/Gen Agent Trust Hub

create-sound

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for the agent to download external assets from the npm registry using npm pack to acquire sound sprites from external packages.\n- [COMMAND_EXECUTION]: The skill utilizes shell commands to manipulate audio files and manage assets, including ffmpeg for audio slicing and silence detection, and tar for archive extraction.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted audio data and natural language prompts.\n
  • Ingestion points: User-provided audio files and prompt text (SKILL.md section 1.1).\n
  • Boundary markers: Relies on structured SoundDefinition templates and internal token mapping.\n
  • Capability inventory: Execution of shell commands (ffmpeg, npm, tar) and file system writes for previews (SKILL.md section 1.5).\n
  • Sanitization: Conformance checks are implemented via JSON schema validation in src/validate.mjs to verify generated outputs.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 02:50 PM