director-qa
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates external variables into prompts sent to the VidJutsu API, creating a surface for indirect prompt injection.\n
- Ingestion points: Scene descriptions ('scene.prompt') and dialogue strings are ingested from previous pipeline steps and used in the 'SKILL.md' instructions.\n
- Boundary markers: The skill uses single quotes to delimit interpolated variables, which can be bypassed by malicious input designed to escape the context.\n
- Capability inventory: The outcome of these prompts determines whether the agent retries generation, aborts the entire pipeline, or proceeds to the next stage.\n
- Sanitization: No input validation or sanitization is performed on the ingested data before it is sent to the external API.\n- [DATA_EXFILTRATION]: The skill performs network operations (HTTP POST) to the 'vidjutsu.ai' domain to process video frames and audio. While these operations are fundamental to the skill's purpose, they involve transmitting metadata to a third-party service.
Audit Metadata