douyin-script-review
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external content, creating a potential surface for indirect prompt injection. This is characteristic of tools that analyze user-provided documents or links.
- Ingestion points: Processes user-supplied text (douyinVideoDraftText), files (douyinDraftFile), and external links (referenceVideoLink) in references/skill.json.
- Boundary markers: No explicit delimiters are provided in the skill instructions to separate user data from agent instructions.
- Capability inventory: The skill utilizes a Python runner (scripts/run.py) to transmit data to an external API (ai-skills.ai).
- Sanitization: No explicit sanitization or validation of the input content is performed within the local skill code.
Audit Metadata