video-spec-builder
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its WeChat article conversion feature.
- Ingestion points: Content is fetched from user-provided WeChat URLs (mp.weixin.qq.com) via an external API (ideaflow-article-to-markdown.hf.space) as described in references/wechat-article-video.md.
- Boundary markers: The skill does not implement specific delimiters when processing the retrieved article text.
- Capability inventory: The agent is provided with Python scripts (build.py) capable of file system operations, network requests, and executing shell commands like ffmpeg and npx.
- Sanitization: No explicit sanitization is performed on the extracted article text before it is used for narration generation or scene planning.
- [COMMAND_EXECUTION]: The skill provides scripts that execute shell commands to perform technical tasks.
- Python scripts in SKILL.md and references/wechat-build-example.md use subprocess.run to call ffprobe and ffmpeg for media analysis.
- The skill instructs the agent to use npx skills add to install rendering components.
- [EXTERNAL_DOWNLOADS]: The skill fetches article content from an official Hugging Face Space API (https://ideaflow-article-to-markdown.hf.space/resolve/mark) and downloads images from URLs identified within processed WeChat articles to the local workspace.
Audit Metadata