cut
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs several system-level operations to manage video libraries and exports. It executes local Ruby scripts located in the
lib/directory (e.g.,lib/buttercut/library.rb,lib/buttercut/export.rb,lib/buttercut/contact_sheet.rb) and uses shell commands such ascpto copy files to the Desktop andopento launch professional editing software. These actions are consistent with the skill's primary function. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core logic involves a sub-agent reading and interpreting video transcripts (
transcripts/*.json) and footage summaries (summaries/*.md). If these files—which are derived from external video content—contain malicious instructions, they could influence the agent's behavior during the roughcut generation process. - Ingestion points: The sub-agent reads transcript JSON files and markdown summaries from the library directory.
- Boundary markers: No specific boundary markers or instructions to ignore embedded commands are used when interpolating transcript data into the prompt.
- Capability inventory: The skill can execute shell commands, perform file system operations (read/write/copy), and invoke other sub-agents.
- Sanitization: There is no explicit sanitization or validation logic described for the content of the transcripts before they are processed by the LLM.
Audit Metadata