apple-music-2
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests an alternative installation of the 'mcp-applemusic' tool from an unverified GitHub repository (epheterson/mcp-applemusic).
- [COMMAND_EXECUTION]: Employs 'osascript' via shell to perform macOS system automation for controlling the Music application.
- [COMMAND_EXECUTION]: Includes specific instructions for the user to manually execute 'git clone' and 'pip install' commands to install external third-party software.
- [PROMPT_INJECTION]: Maintains an indirect prompt injection surface through the ingestion of external music metadata.
  1. Ingestion points: Track and album metadata retrieved from the Apple Music API.
  2. Boundary markers: Not utilized in the command construction examples.
  3. Capability inventory: Local AppleScript execution and network request capabilities.
  4. Sanitization: Provides an 'escape_applescript' utility to manually sanitize user-provided strings before execution.
Audit Metadata