anycap-media-production
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill describes an iterative refinement workflow that incorporates human-provided text labels from visual annotations into subsequent prompts. This creates a potential surface for indirect prompt injection if the user provides malicious instructions within the labels.
  - Ingestion points: Data returned by the `anycap annotate poll` command, specifically the `label` field in the annotations JSON (SKILL.md).
  - Boundary markers: The instructions recommend using numbered markers (e.g., "#1", "#2") to delineate labels in the final prompt, providing structural separation (SKILL.md).
  - Capability inventory: The agent has access to media generation, local file system writes for assets, and data publishing via `anycap drive` and `anycap page` (SKILL.md).
  - Sanitization: No explicit sanitization or filtering of the human-provided label text is described before it is interpolated into the prompt.
- [COMMAND_EXECUTION]: The skill provides instructions and examples for executing numerous shell commands using the `anycap` CLI for media production tasks (SKILL.md).
- [EXTERNAL_DOWNLOADS]: The guide mentions that reference images used for image-to-image transformations can be provided as URLs, which are then processed by the CLI tool (SKILL.md).
- [SAFE]: All CLI tools (anycap) and referenced domains (anycap.ai) are owned by the skill's author (anycap-ai) and represent intended vendor functionality.
Audit Metadata