Skills
skills/benzema216/dreamina-claude-skills/dreamina-video-multi-frame/Gen Agent Trust Hub

dreamina-video-multi-frame

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • General Analysis (SAFE): The code implements a standard API client for the Jianying video generation service. It uses the requests library to send structured JSON data to a legitimate domain (jimeng.jianying.com).\n- Data Handling (SAFE): While the skill handles session IDs, they are used solely for authentication with the target API as required for the functionality. No evidence of unauthorized data exposure or exfiltration was found.\n- Indirect Prompt Injection (LOW): The skill accepts user-provided prompts and image URIs which are passed directly to an external API.\n
  • Ingestion points: image_uri_list and prompt_list in SKILL.md\n
  • Boundary markers: Absent\n
  • Capability inventory: requests.post network call\n
  • Sanitization: Absent\n
  • Summary: The risk is limited to poisoning the input of the external video generation tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:41 PM