buddy-sings
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several shell commands to facilitate its workflow, including 'find' to locate project memory files, 'git log' to retrieve recent commit messages, and 'mmx' for interacting with the music generation service.
- [DATA_EXFILTRATION]: To personalize song lyrics, the skill reads sensitive local data including the Claude Code configuration (~/.claude.json), project-specific memory files, and git history. This information, or summaries derived from it, is transmitted to the MiniMax API during the music generation process.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted content from local sources such as git logs and memory files and interpolates that data directly into the prompt used for the 'mmx' tool without visible sanitization, validation, or boundary markers. Ingestion points: memory markdown files and git logs; Capability inventory: 'mmx music generate' and 'python3' playback scripts; Sanitization: None mentioned.
- [EXTERNAL_DOWNLOADS]: The instructions require the user to install the 'mmx-cli' package globally via npm and provide an API key for the music generation service.
Audit Metadata