vertex-ai-media-master

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill enables processing of external media files (video, audio, images) from local or Cloud Storage paths via Gemini and Imagen models. This creates a surface where adversarial content embedded within processed media could influence the agent's behavior, although this is a standard risk for multimodal processing workflows.
  • Ingestion points: media files are ingested from Google Cloud Storage (gs://) URIs and local filesystem paths as described in SKILL.md and references/examples.md.
  • Boundary markers: Prompting examples in references/examples.md do not currently utilize explicit markers or system instructions to ignore embedded commands within source media.
  • Capability inventory: The skill is granted Bash, Write, Edit, and Read tools, which allow for the management and modification of generated assets.
  • Sanitization: There are no specific instructions for sanitizing or filtering external media content for embedded instructions prior to model processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 06:13 AM
Security Audit — agent-trust-hub — vertex-ai-media-master