Skills
skills/tul-sh/skills/ai-music-generation/Gen Agent Trust Hub

ai-music-generation

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI tool to interact with music generation models on the inference.sh platform. The tool definition Bash(infsh *) provides broad execution capabilities for this specific CLI.
  • [EXTERNAL_DOWNLOADS]: The documentation provides instructions to install additional platform-specific skills using the npx skills add command from the inference-sh repository.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by accepting user-supplied music descriptions and lyrics which are then passed to the CLI.
  • Ingestion points: User prompts and lyrics within JSON input strings passed to the infsh tool.
  • Boundary markers: No explicit delimiters are used in the provided examples to isolate user input.
  • Capability inventory: The skill is authorized to execute commands via the infsh CLI.
  • Sanitization: No input validation or filtering is specified for the data processed by the tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 08:26 AM