Skills
skills/toolshell/skills/ai-music-generation/Gen Agent Trust Hub

ai-music-generation

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI tool via Bash to execute music generation tasks and manage the application lifecycle.
  • [EXTERNAL_DOWNLOADS]: The skill documentation references external resources and installation instructions for the infsh CLI from inference.sh, which is an established AI service platform.
  • [INDIRECT_PROMPT_INJECTION]: The skill allows user-provided prompts to be included in JSON payloads for shell commands, creating a potential injection surface. Evidence: 1. Ingestion points: User prompts are accepted via the --input flag in SKILL.md. 2. Boundary markers: Data is structured using JSON. 3. Capability inventory: Subprocess execution is performed via the Bash(infsh *) tool. 4. Sanitization: No explicit input sanitization or filtering is observed in the skill definitions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 12:14 PM