website-to-hyperframes

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from external websites and using it to generate narration scripts (SCRIPT.md) and creative storyboards (STORYBOARD.md). There are no boundary markers or instructions to ignore malicious directives embedded in the captured website text.
  • Ingestion points: Website content is extracted into files like 'capture/extracted/visible-text.txt' and 'capture/extracted/asset-descriptions.md'.
  • Boundary markers: Absent. The agent is encouraged to use exact text and descriptions from the capture without sanitization.
  • Capability inventory: The skill executes shell commands, writes code files, and spawns sub-agents to process data.
  • Sanitization: Absent. The agent is instructed to strip HTML tags but not to sanitize content for potential malicious instructions.
  • [COMMAND_EXECUTION]: The skill frequently executes shell commands using 'npx' and 'node' to run tools for capturing, transcribing, linting, and rendering video content. This includes 'npx hyperframes' and 'npx tsx'.
  • [EXTERNAL_DOWNLOADS]: The skill relies on 'npx' to execute packages like 'hyperframes' and 'tsx', which may involve downloading these dependencies from the npm registry at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 06:40 AM
Security Audit — agent-trust-hub — website-to-hyperframes