Skills
skills/editframe/skills/editframe-brand-video-generator/Gen Agent Trust Hub

editframe-brand-video-generator

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to ingest and process data from external websites.
  • Ingestion points: Step 0 of the SKILL.md workflow instructs the agent to immediately fetch user-supplied URLs using WebFetch or a browser tool.
  • Boundary markers: The instructions do not specify any delimiters or safety guidelines to differentiate between the agent's logic and the potentially adversarial content found on the external websites.
  • Capability inventory: The agent uses the fetched information to generate a creative brief and subsequently a full HTML/JavaScript composition.
  • Sanitization: There are no sanitization or validation steps described to filter out malicious instructions that might be embedded in the target website's text or metadata.
  • [COMMAND_EXECUTION]: The skill performs dynamic code generation that could be influenced by untrusted inputs.
  • Script generation: In "Pass 2" of the workflow, the agent generates HTML and <script> blocks containing procedural canvas animations using the addFrameTask API.
  • Execution risk: Since the generated code is derived from the analysis of external websites (via the Creative Brief), an attacker-controlled website could potentially influence the generated script logic if the agent's code-generation phase is manipulated by malicious content on the page.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 12:45 PM