after-effects
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a bash wrapper to execute ExtendScript logic via the macOS `osascript` utility. This is a standard architectural pattern for automating Adobe applications from external processes.
- [DYNAMIC_EXECUTION]: The skill's primary function is to generate and execute custom JSX scripts (`ae-action.jsx`). This allows for flexible automation tailored to specific user requests, following established After Effects scripting guidelines.
- [DATA_EXPOSURE]: Local files in `/tmp/` and the user's home directory are used for logging and inter-process communication. These files contain operational data and results, not sensitive system credentials or private user data.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes external files (SRT, CSV) and has the capability to modify the After Effects project.
  1. Ingestion points: In `srt-import.jsx`, `comp-from-csv.jsx`, and `text-export-import.jsx`, the skill reads and parses content from user-provided file paths.
  2. Boundary markers: The skill relies on the agent's logic to handle file paths; no explicit delimiters or 'ignore' instructions are used within the data files themselves.
  3. Capability inventory: Scripts can create/delete layers, import footage, modify properties, and manipulate the Render Queue.
  4. Sanitization: `srt-import.jsx` performs basic HTML tag stripping from subtitle text.

  While these ingestion points exist, they are inherent to the skill's utility and do not represent malicious intent.
Audit Metadata