music-search
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Node.js and Python scripts to perform its search and extraction logic. It also programmatically calls the
web-searchskill script using system shell execution. - [EXTERNAL_DOWNLOADS]: The skill automatically manages its Python dependencies by creating a virtual environment and installing the
cloudscraperpackage from PyPI during its first run. This is a standard procedure for its scraping functionality. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from untrusted web pages.
- Ingestion points: Data enters the context in
scripts/deep_extract.py(during page scraping) andscripts/music-search.js(during URL resolution). - Boundary markers: Absent; the extracted data is returned to the agent context without explicit delimiters or warnings to ignore instructions.
- Capability inventory: Subprocess execution is utilized in
scripts/music-search.jsto manage the lifecycle of search tasks and skill dependencies. - Sanitization: The skill employs regular expression matching to isolate specific cloud storage URL patterns and metadata, which provides implicit filtering of external content.
Audit Metadata