Make Product In Hands
Pass
Audited by Gen Agent Trust Hub on Jun 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input through
character_sheet_url,product_image_url, andproduct_image_base64parameters. This creates an indirect prompt injection surface where instructions could theoretically be embedded in the media metadata or contents. - Ingestion points:
SKILL.md(as parameters for themcp__agent-media__make_product_in_handstool). - Boundary markers: Not explicitly defined in the skill instructions.
- Capability inventory: The skill invokes the
mcp__agent-media__make_product_in_handstool and performs network requests toapi.agent-media.ai. - Sanitization: The skill description notes that media is automatically re-hosted to R2, which may involve server-side processing and validation.
- [DATA_EXFILTRATION]: The skill communicates with
api.agent-media.aito submit video generation requests and poll for results. This domain is the official service endpoint for the agent-media platform used by the skill. - [CREDENTIALS_UNSAFE]: The skill uses a placeholder variable
$AGENT_MEDIA_API_KEYfor authentication, following secure practices for secret management by not hardcoding sensitive tokens.
Audit Metadata