title-variants
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted video titles and summaries from external Google Sheets or JSON files and interpolates them directly into a prompt for the Claude LLM in scripts/generate_title_variants.py. An attacker who can influence the input sheet or file could inject instructions to manipulate the LLM's output.
  - Ingestion points: Video titles and summaries are read from Google Sheets via read_sheet_data() or from local JSON files.
  - Boundary markers: None. Input text is directly formatted into the prompt string.
  - Capability inventory: The skill can perform network operations via the Google Sheets API and create/update documents in the user's Google Drive.
  - Sanitization: No sanitization or escaping is performed on the input titles or summaries before they are sent to the LLM.
- [COMMAND_EXECUTION]: The skill uses scripts/generate_title_variants.py and scripts/update_sheet.py, which are designed to be executed as subprocesses by the agent. While these scripts perform intended logic (Google Sheets integration), they require broad OAuth scopes (https://www.googleapis.com/auth/spreadsheets, https://www.googleapis.com/auth/drive) which grant the skill significant control over the user's Google workspace environment.
Audit Metadata