Skills
skills/vinitu/macos-music-skill/macos-music/Gen Agent Trust Hub

macos-music

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill extensively uses osascript to execute AppleScript commands. This is the primary method used to control Music.app playback, library searching, and volume settings.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks (Category 8). It ingests untrusted data from the user's Music library, such as track names, artist names, and playlist names, which are then processed by the agent.
  • Ingestion points: Untrusted data enters the context through scripts/track/current.applescript, scripts/track/search.applescript, and scripts/playlist/list.applescript.
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the retrieved metadata.
  • Capability inventory: The skill has the capability to execute commands via osascript, modify the library using scripts/library/add-files.applescript, and create playlists via scripts/playlist/create.applescript.
  • Sanitization: No sanitization or validation is performed on the metadata retrieved from the Music app before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 09:48 AM