video-gen
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted user input and incorporates it into shell commands.
  - Ingestion points: User-provided text description (prompt) and file paths/URLs for images, videos, and audio (SKILL.md).
  - Boundary markers: Missing; the skill does not use specific delimiters or 'ignore embedded instructions' warnings when handling user strings.
  - Capability inventory: Executes shell commands for 'listenhub' CLI, 'npm', 'ffprobe', and 'curl' (SKILL.md).
  - Sanitization: The skill advises using 'proper quoting' and avoiding 'eval', but does not specify rigorous validation or escaping of user-provided content.
- [EXTERNAL_DOWNLOADS]: The skill automatically installs or updates the '@marswave/listenhub-cli' package globally using 'npm install -g'. This package is a vendor-owned resource necessary for the skill's function.
- [EXTERNAL_DOWNLOADS]: The skill uses 'curl' to download generated video files from remote URLs to the local file system.
- [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage configuration, detect video metadata using 'ffprobe', and run the video generation CLI.
Audit Metadata