apple-media
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata specifies the installation of the pyatv package from PyPI via pipx. This targets an official package registry and is considered safe.
- [COMMAND_EXECUTION]: The skill uses the atvremote command-line utility for device discovery and control. These commands are consistent with the skill's stated purpose of managing media playback and navigation on local network devices.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it handles data from external devices (Category 8).
- Ingestion points: The atvremote text_get and atvremote playing commands retrieve strings from devices on the local network, such as track titles, artist names, or content from input fields.
- Boundary markers: No boundary markers or specialized instructions are present in the skill to delimit untrusted device data.
- Capability inventory: The skill possesses the capability to execute local commands via the atvremote binary.
- Sanitization: The skill does not perform sanitization on data retrieved from external devices before presenting it to the agent context.
Audit Metadata