seedance-director
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a specialized text-to-JSON transformer with no external capabilities, network access, or file system operations. It is designed to work as a prompt-based utility for cinematography direction.
- [PROMPT_INJECTION]: The instructions contain strict formatting requirements to ensure the agent outputs a specific JSON schema (e.g., "You are a scene direction API", "Never output explanations"). These are functional constraints for its intended purpose and do not attempt to override underlying platform safety filters or extract system-level prompts.
- [DATA_EXFILTRATION]: There is no evidence of credential harvesting, sensitive file access, or unauthorized network communication. The skill does not interact with environment variables or external servers.
- [REMOTE_CODE_EXECUTION]: The skill does not include any executable scripts, dependency files (like package.json or requirements.txt), or instructions to download and execute code from the internet.
- [SAFE]: Indirect Prompt Injection Surface Analysis.
- Ingestion points: The skill processes unstructured text descriptions and images from users as specified in SKILL.md.
- Boundary markers: Absent. The skill parses user input directly from the conversation context.
- Capability inventory: None. The skill lacks tools for shell execution, file writing, or network requests.
- Sanitization: Not explicitly implemented, but the lack of exploitable capabilities renders the surface benign.
Audit Metadata