create-sfx

Warn

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill workflow involves creating directory structures and executing shell commands through the uv run tool to synthesize audio files and manage script execution.
  • [REMOTE_CODE_EXECUTION]: The skill retrieves information from external websites and sound design forums (Step 2) to inform the generation of Python scripts. This creates a vulnerability to indirect prompt injection, where malicious instructions embedded in sound design tutorials or web content could influence the generated script to execute harmful code.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the web (via WebFetch) and uses it to construct executable Python scripts without explicit boundary markers or sanitization of the retrieved content.
    • Ingestion points: Web content retrieved via WebSearch and WebFetch in SKILL.md Step 2.
    • Boundary markers: Absent; there are no instructions to ignore malicious commands embedded in the researched tutorials.
    • Capability inventory: Subprocess execution via uv run, directory creation via os.makedirs, and file writing of both .py scripts and .wav audio files.
    • Sanitization: None; the skill uses researched parameters directly to build the synthesis logic.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 20, 2026, 04:20 PM