video-production

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill implementation demonstrates best practices for structured task planning. It provides clear instructional paths for normalizing user requests and selecting appropriate production modes without introducing dangerous logic or unauthorized access patterns.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill ingests and processes untrusted data from user requests and external web content. This data is utilized to generate structured production plans and can be manipulated by malicious inputs to influence agent behavior.
  • Ingestion points: User-provided production briefs and external web data retrieved via the WebFetch and WebSearch tools as defined in SKILL.md.
  • Boundary markers: The skill employs a YAML schema (video_brief) for data normalization, offering a structural boundary; however, it lacks explicit instructions to disregard nested instructions within the ingested content.
  • Capability inventory: The skill is configured with tools including Write, Read, WebSearch, WebFetch, and Task.
  • Sanitization: No explicit validation or sanitization protocols are defined for content retrieved from external sources or user inputs prior to processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 01:40 PM
Security Audit — agent-trust-hub — video-production