slice

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS

Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the voxflow CLI for its primary functions, such as article slicing and staging previews. The slice stage feature dynamically generates browser-executable scripts by stringifying local functions via Function.prototype.toString().
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted text from user articles to generate video decks and prompt templates. Ingestion occurs during the voxflow slice workflow. While JSON encapsulation provides some structure, there are no explicit boundary markers to prevent the agent from obeying instructions embedded in the source articles. Capability inventory includes subprocess execution and user-mediated file writes.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to the voxflow.studio API and allows the inclusion of external image URLs in the deck schema. These downloads are associated with the vendor's own infrastructure and are required for the skill's intended functionality.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 11:50 PM