ace-music

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on Python (scripts/generate.py) and Bash (scripts/generate.sh) scripts to perform its primary functions. These scripts are executed by the agent to interface with the ACE Music API and save files to the local system.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with api.acemusic.ai to send generation requests and download audio content encoded as base64. This is a third-party service not included in the default trusted or whitelisted domains.
  • [DATA_EXFILTRATION]: User-provided music prompts, lyrics, and the required ACE_MUSIC_API_KEY are transmitted over the network to https://api.acemusic.ai. While this is necessary for the skill's function, it constitutes sending data to an external, non-whitelisted endpoint.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted user input (prompts and lyrics) and interpolates it into the payload sent to a generative AI model.
    ◦ Ingestion points: CLI arguments passed to scripts/generate.py and scripts/generate.sh (e.g., --lyrics, prompt).
    ◦ Boundary markers: The documentation recommends using <prompt> and <lyrics> tags, but the scripts perform simple string interpolation without enforcing rigid structural boundaries.
    ◦ Capability inventory: Includes network operations via requests and curl, as well as file-write operations to the local filesystem.
    ◦ Sanitization: The scripts use standard JSON serialization, which prevents structural JSON injection, but they do not sanitize or filter the natural-language content for potentially malicious instructions intended for the music generation model.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:52 AM