ugc
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
genmediaCLI for model discovery, schema inspection, and executing media generation jobs, which is necessary for its core functionality. - [EXTERNAL_DOWNLOADS]: Generated media is downloaded from established service providers (e.g., fal.ai, OpenAI, Veed) using the
genmedia statuscommand as part of the intended workflow. - [DATA_EXFILTRATION]: User-provided media files (images, audio, video) are uploaded to selected service endpoints to facilitate video production, which is the primary purpose of the skill.
- [PROMPT_INJECTION]: The skill ingests user-supplied scripts and descriptions, serving as an attack surface for indirect prompt injection.
- Ingestion points: User-provided product details, scripts, and media are used as inputs for building prompts in the
genmediatool (SKILL.md). - Boundary markers: No explicit delimiters or boundary markers are used to isolate user-provided text from the agent's instructions during prompt construction.
- Capability inventory: The skill can upload local files, trigger remote generation jobs, and write downloaded files to the local disk (SKILL.md).
- Sanitization: No explicit sanitization or validation of user-provided script content is specified beyond general instructions to the agent to avoid fake claims.
Audit Metadata