walkthrough-script-agent
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted content from external sources such as codebase files, screenshots, and video recordings to identify app features.
- Ingestion points: The agent ingests data from user-provided codebase, screenshots, and video recordings during the analysis phase.
- Boundary markers: The skill lacks explicit boundary markers or instructions to disregard potential commands embedded within the analyzed data.
- Capability inventory: The agent has the ability to read files and execute shell commands via the frame extraction utility.
- Sanitization: No sanitization or validation is performed on the data extracted from the external source materials.
- [COMMAND_EXECUTION]: The skill uses a shell command to execute a Python script (
extract_frames.py) for processing video recordings. This command is executed using thepython3interpreter and takes a user-specified video path as an argument.
Audit Metadata