product-video
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill's code and instructions are consistent with its stated purpose as a service integration.
- [COMMAND_EXECUTION]: The skill utilizes several Bash scripts to interface with the Pexo API. These scripts are transparent, well-documented, and use standard utilities to perform their tasks.
- [DATA_EXFILTRATION]: Communication is directed to the vendor's API at https://pexo.ai. The skill handles user-provided API keys via a local configuration file (~/.pexo/config) and includes mechanisms to verify connectivity and authentication safely.
- [PROMPT_INJECTION]: The skill instructs the agent to relay user messages verbatim to the backend service, which creates a surface for indirect prompt injection.
- Ingestion points: User-provided product descriptions and video instructions are passed directly to the
pexo-chat.shscript. - Boundary markers: The instructions do not define specific delimiters or "ignore previous instructions" guards for the relayed content.
- Capability inventory: The skill can execute local scripts that perform network operations and read/write to the skill's local state directory.
- Sanitization: The scripts perform local syntax validation for asset tags but do not filter or sanitize the natural language content of user messages.
Audit Metadata