happy-video-gen
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing a local Bun script (
scripts/main.ts) which performs network operations and file system writes. - [EXTERNAL_DOWNLOADS]: The skill fetches generated video content from various AI provider domains (e.g., openai.com, googleapis.com, runwayml.com, fal.run) and saves the binary data to the user's local disk. These are well-known services and the behavior is consistent with the skill's purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it ingests untrusted data from local files and CLI arguments.
- Ingestion points: Prompt text is read from CLI arguments (
--prompt) and concatenated from local file paths provided via--promptfilesinscripts/main.ts. - Boundary markers: No specific delimiters or safety instructions are used to wrap the user-provided prompt before sending it to the APIs.
- Capability inventory: The skill possesses network access (
fetch), file read access (readFile), and file write access (writeFile). - Sanitization: No sanitization or escaping is performed on the prompt data before it is interpolated into the JSON request bodies sent to external providers.
- [DATA_EXFILTRATION]: In image-to-video mode, the skill reads local image files (
--image,--last-frame) and converts them to Base64 Data URIs to be transmitted to the selected video generation provider. This is the intended core functionality of the skill.
Audit Metadata