Skills
skills/trpc-group/trpc-agent-go/sonoscli/Gen Agent Trust Hub

sonoscli

Warn

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill metadata specifies the installation of a Go module from a third-party GitHub repository (github.com/steipete/sonoscli/cmd/sonos@latest) which is not associated with a known trusted vendor.- [COMMAND_EXECUTION]: The skill's primary functionality relies on executing the sonos CLI tool to interact with hardware on the local network.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from local network devices (e.g., track names in queues, favorites, or search results) without sanitization.
  • Ingestion points: Data retrieved via sonos queue list, sonos favorites list, and sonos smapi search.
  • Boundary markers: None identified; the agent is not instructed to treat tool outputs as untrusted data.
  • Capability inventory: The skill can execute CLI commands and access local network services.
  • Sanitization: No evidence of data validation or escaping before interpolation into the agent context.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 30, 2026, 01:08 AM
Security Audit — agent-trust-hub — sonoscli