sonoscli
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or obfuscation techniques were detected in the skill instructions or metadata.
- [EXTERNAL_DOWNLOADS]: The skill installs the
sonoscommand-line utility from a public GitHub repository (github.com/steipete/sonoscli) using the standard Go package manager. This is the intended behavior for providing the tool's functionality. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill correctly references the use of environment variables for optional Spotify integration, following best practices for secret management. No sensitive data or hardcoded credentials were found.
Audit Metadata