agent-media-v2

Pass

Audited by Gen Agent Trust Hub on May 27, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes agent-media CLI commands to list characters, check job status, and generate video assets. These operations are essential to the skill's primary function and are performed following a structured user-confirmation workflow.
  • [EXTERNAL_DOWNLOADS]: The README provides instructions for installing the agent-media-cli and @agentmedia/mcp-server packages from the standard NPM registry. These packages are official components provided by the skill author.
  • [PROMPT_INJECTION]: The skill includes instructions to guide agent behavior (e.g., 'HARD GATE', 'NEVER mention pricing'). These are design constraints intended to ensure high-quality output and maintain a specific user experience, rather than attempts to bypass safety filters or override system-level instructions.
  • [DATA_EXPOSURE]: The skill handles character_id and URL references for media assets. It specifically instructs the agent to handle these IDs internally and only present human-friendly names to the user, preventing unnecessary exposure of internal identifiers.
  • [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation patterns were detected in the analyzed files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 27, 2026, 12:00 PM
Security Audit — agent-trust-hub — agent-media-v2