prompt-preflight-qa
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust framework for creative project management, aligning with its stated purpose of reviewing prompts and managing assets within a structured workspace.
- [COMMAND_EXECUTION]: The skill utilizes standard system utilities including
ffmpegfor generating placeholder media andyt-dlpfor downloading video assets from manifest-defined URLs. These operations are performed as part of the project asset management lifecycle. - [EXTERNAL_DOWNLOADS]: Video content is fetched from remote URLs provided in project manifests. These downloads are handled as data assets for the project and do not involve executable code.
- [CREDENTIALS_UNSAFE]: Authentication is managed by reading and writing session tokens to a local configuration file in the user's standard application configuration directory (e.g.,
~/.config/postplus). No hardcoded secrets were detected in the source code. - [DATA_EXFILTRATION]: Network communication is directed to the vendor's infrastructure for session management, billing, and hosted media generation. All requests are authenticated and performed over secure protocols.
Audit Metadata