video-production
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implementation demonstrates best practices for structured task planning. It provides clear instructional paths for normalizing user requests and selecting appropriate production modes without introducing dangerous logic or unauthorized access patterns.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill ingests and processes untrusted data from user requests and external web content. This data is utilized to generate structured production plans and can be manipulated by malicious inputs to influence agent behavior.
- Ingestion points: User-provided production briefs and external web data retrieved via the
WebFetchandWebSearchtools as defined inSKILL.md. - Boundary markers: The skill employs a YAML schema (
video_brief) for data normalization, offering a structural boundary; however, it lacks explicit instructions to disregard nested instructions within the ingested content. - Capability inventory: The skill is configured with tools including
Write,Read,WebSearch,WebFetch, andTask. - Sanitization: No explicit validation or sanitization protocols are defined for content retrieved from external sources or user inputs prior to processing.
Audit Metadata