Skills
skills/sugarforever/01coder-agent-skills/video-script/Gen Agent Trust Hub

video-script

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its research workflow.\n
  • Ingestion points: The skill uses WebFetch to read reference articles from arbitrary URLs and Read/Grep/Glob to explore local code repositories provided by the user (Step 2 of the workflow).\n
  • Boundary markers: There are no explicit delimiters or system instructions provided to the agent to ignore or isolate potential malicious instructions embedded within the fetched external content.\n
  • Capability inventory: The agent has permissions to create directories and write files to the local file system (Step 3, 4, 5, 6) and can perform network operations via WebSearch and WebFetch.\n
  • Sanitization: There is no evidence of content sanitization, escaping, or validation of the data retrieved from external sources before it is interpolated into the script generation prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 11:22 AM