lazycat-movie-search
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local bash scripts
scripts/yts-api.shandscripts/vuetorrent-api.shto perform movie searches and interact with a local torrent client. - [EXTERNAL_DOWNLOADS]: The
yts-api.shscript fetches movie metadata and torrent information from an external API endpoint (https://movies-api.accel.li/api/v2). - [CREDENTIALS_UNSAFE]: The
vuetorrent-api.shscript contains hardcoded default credentials (admin/adminadmin). These are provided as functional defaults for the target application and do not indicate malicious harvesting. - [PROMPT_INJECTION]: The skill processes untrusted movie metadata from an external API, creating an indirect prompt injection surface when displaying results to the user.
- Ingestion points: Movie titles and details retrieved from the YTS API results in
scripts/yts-api.sh. - Boundary markers: Not present; external content is displayed directly to the user for selection.
- Capability inventory: Network access for metadata retrieval and management of local torrent tasks via
scripts/vuetorrent-api.sh. - Sanitization: Uses
jqfor basic structured data parsing, but does not apply specific sanitization for malicious instruction patterns within the metadata text.
Audit Metadata