youtube-short-maker
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses several shell scripts in the
scripts/directory to interface with the Pexo API. These scripts are invoked by the agent to create projects, upload assets, and poll for status. They are written in Bash and utilize standard utilities likecurlandjqfor network communication and JSON processing. - [EXTERNAL_DOWNLOADS]: The
scripts/pexo-asset-get.shscript downloads generated video assets from the Pexo service to the local filesystem (~/.pexo/tmp/). These downloads use signed URLs provided by the vendor's API and occur over HTTPS. - [DATA_EXFILTRATION]: The skill facilitates the transfer of user-provided media files to the vendor's API (
https://pexo.ai) viascripts/pexo-upload.sh. This behavior is the core intended functionality for a cloud-based video generation service and is restricted to the vendor's domain. - [PROMPT_INJECTION]: The skill instructions include guidance for the agent to relay messages from the backend API to the user. While this creates a surface for indirect prompt injection (Category 8), it is consistent with the primary purpose of the skill as a service relay. The analysis found no evidence of direct injection attempts or malicious concealment instructions. The ingestion point is
scripts/pexo-project-get.sh, and while no explicit sanitization or boundary markers are defined for the relayed text, the risk is inherent to the service model and mitigated by the trusted nature of the vendor.
Audit Metadata