video-spec-builder

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its WeChat article conversion feature.
  • Ingestion points: Content is fetched from user-provided WeChat URLs (mp.weixin.qq.com) via an external API (ideaflow-article-to-markdown.hf.space) as described in references/wechat-article-video.md.
  • Boundary markers: The skill does not implement specific delimiters when processing the retrieved article text.
  • Capability inventory: The agent is provided with Python scripts (build.py) capable of file system operations, network requests, and executing shell commands like ffmpeg and npx.
  • Sanitization: No explicit sanitization is performed on the extracted article text before it is used for narration generation or scene planning.
  • [COMMAND_EXECUTION]: The skill provides scripts that execute shell commands to perform technical tasks.
  • Python scripts in SKILL.md and references/wechat-build-example.md use subprocess.run to call ffprobe and ffmpeg for media analysis.
  • The skill instructs the agent to use npx skills add to install rendering components.
  • [EXTERNAL_DOWNLOADS]: The skill fetches article content from an official Hugging Face Space API (https://ideaflow-article-to-markdown.hf.space/resolve/mark) and downloads images from URLs identified within processed WeChat articles to the local workspace.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 01:58 PM
Security Audit — agent-trust-hub — video-spec-builder