website-to-video
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill captures and processes content from external URLs to generate video scenes, creating a surface for indirect prompt injection.\n
- Ingestion points: The skill captures target website routes, browser states, and assets during the workflow (SKILL.md).\n
- Boundary markers: The instructions do not define delimiters or specific warnings to ignore instructions embedded within the captured website content.\n
- Capability inventory: The skill involves preparing and executing shell commands for rendering artifacts (SKILL.md).\n
- Sanitization: No sanitization steps are defined for the website data processed by the agent.\n- [COMMAND_EXECUTION]: The skill directs the agent to prepare and execute render and preview commands for the resulting video projects. While this is expected behavior for the skill's purpose, it represents a capability that could be targeted via the indirect prompt injection surface mentioned above.
Audit Metadata