ai-video-editing

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external content, creating a surface for indirect prompt injection.
  • Ingestion points: The skill accepts user-provided text (materialText), files (materialFile), and URLs (materialUrl) via the references/form-schema.json configuration.
  • Boundary markers: No specific delimiters or safety instructions are defined in the schema to isolate untrusted content from the system prompt.
  • Capability inventory: The scripts/run.py utility has network access to communicate with the ai-skills.ai API and displays the resulting analysis.
  • Sanitization: The input parameters are transmitted to the remote API without client-side sanitization or filtering of potential injection patterns.
  • [DATA_EXFILTRATION]: The skill performs legitimate network operations to the vendor's infrastructure.
  • Network operations: The scripts/run.py script makes HTTP POST requests to https://ai-skills.ai/api/execute to process editing requests. This domain is consistent with the skill's stated purpose and author information.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-video-editing