
sonoscli

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the sonos binary by fetching a Go module from an external GitHub repository (github.com/steipete/sonoscli/cmd/sonos). While this source is necessary for the skill's primary function, it originates from a third-party developer not explicitly listed in the trusted vendor list.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the sonos CLI tool to perform discovery, status checks, and media control on the local network.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the local network, such as speaker names and media metadata, which are then presented to the agent.
    • Ingestion points: Data returned by sonos discover, sonos status, and sonos favorites list (SKILL.md).
    • Boundary markers: Absent; the skill does not instruct the agent to treat output from the tool as untrusted.
    • Capability inventory: System command execution via the sonos binary and network communication with local speakers (SKILL.md).
    • Sanitization: Absent; no sanitization or validation of the tool's output is performed before it is used in the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 07:13 AM