session-start

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE (flags: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python command (~/.bitwize-music/venv/bin/python3) to verify that the MCP environment is correctly set up.
  • [DYNAMIC_EXECUTION]: Implements a plugin upgrade mechanism that automatically executes migration scripts found in ${CLAUDE_PLUGIN_ROOT}/migrations/ when a version mismatch is detected.
  • [PROMPT_INJECTION]: The skill incorporates instructions from a local CLAUDE.md override file and processes data from a state.json cache, creating an indirect prompt injection surface.
      • Ingestion points: Reads content from ~/.bitwize-music/config.yaml, ~/.bitwize-music/cache/state.json, and {overrides}/CLAUDE.md.
      • Boundary markers: Absent; instructions from override files are incorporated into the agent's context without explicit delimitation.
      • Capability inventory: The agent has access to Bash, Read, and the bitwize-music-mcp toolset, which can be influenced by the ingested data.
      • Sanitization: No validation or sanitization logic is described for the content loaded from configuration or override files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 15, 2026, 02:29 AM