music-search

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Node.js and Python scripts to perform its search and extraction logic. It also programmatically calls the web-search skill script using system shell execution.
  • [EXTERNAL_DOWNLOADS]: The skill automatically manages its Python dependencies by creating a virtual environment and installing the cloudscraper package from PyPI during its first run. This is a standard procedure for its scraping functionality.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from untrusted web pages.
  • Ingestion points: Data enters the context in scripts/deep_extract.py (during page scraping) and scripts/music-search.js (during URL resolution).
  • Boundary markers: Absent; the extracted data is returned to the agent context without explicit delimiters or warnings to ignore instructions.
  • Capability inventory: Subprocess execution is utilized in scripts/music-search.js to manage the lifecycle of search tasks and skill dependencies.
  • Sanitization: The skill employs regular expression matching to isolate specific cloud storage URL patterns and metadata, which provides implicit filtering of external content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — music-search