ai-video-editing
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external content, creating a surface for indirect prompt injection.
- Ingestion points: The skill accepts user-provided text (
materialText), files (materialFile), and URLs (materialUrl) via thereferences/form-schema.jsonconfiguration. - Boundary markers: No specific delimiters or safety instructions are defined in the schema to isolate untrusted content from the system prompt.
- Capability inventory: The
scripts/run.pyutility has network access to communicate with theai-skills.aiAPI and displays the resulting analysis. - Sanitization: The input parameters are transmitted to the remote API without client-side sanitization or filtering of potential injection patterns.
- [DATA_EXFILTRATION]: The skill performs legitimate network operations to the vendor's infrastructure.
- Network operations: The
scripts/run.pyscript makes HTTP POST requests tohttps://ai-skills.ai/api/executeto process editing requests. This domain is consistent with the skill's stated purpose and author information.
Audit Metadata