creator
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates its workflow using various shell commands and local CLI tools.
- Uses
mkdir,cat, andrmfor state management and output preparation in the working directory and.listenhub/creator/. - Employs
jqfor parsing data from API responses and configuration files. - Executes
listenhubandcoliCLI tools to perform image generation, text-to-speech, and transcription tasks. - [EXTERNAL_DOWNLOADS]: Fetches external resources required for content processing.
- Downloads user-provided media URLs to a temporary directory using
curlfor subsequent transcription. - Uses a remote API to extract content from arbitrary web URLs provided by the user.
- [DATA_EXFILTRATION]: Transmits processed content and prompts to external services.
- Sends user-provided material and generated instructions to
api.marswave.aifor content extraction and media generation. - These interactions are documented as part of the vendor's own infrastructure and are necessary for the skill's functionality.
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its handling of untrusted data.
- Ingestion points: External data enters the agent's context through web content extraction (Step 5 of the pipeline) and the reading of local audio/text files.
- Boundary markers: The prompt templates for writing articles and scripts do not use explicit delimiters or "ignore previous instructions" warnings when interpolating the extracted material.
- Capability inventory: Across its scripts, the skill has the ability to execute shell commands, perform network operations, and write to the local file system.
- Sanitization: There is no evidence of filtering, escaping, or validation applied to the external content before it is processed by the AI for content generation.
Audit Metadata