vimax-video-prompts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill exhibits an attack surface for Indirect Prompt Injection (Category 8) due to its core function of processing external, untrusted literary content.
- Ingestion points: Multiple entry points for untrusted data were identified, including
{idea}and{user_requirement}in02-screenwriter.md,{novel_text}in06-event-extractor.md, and{novel_chunk}in08-novel-compressor.md. - Boundary markers: The prompts consistently use structured delimiters such as
<IDEA>,<STORY>, and<NOVEL_TEXT_START>to isolate untrusted input from the system instructions, which mitigates the risk of the model confusing data with commands. - Capability inventory: The agents' outputs are limited to text and structured metadata. There are no observed capabilities for executing shell commands, performing sensitive file operations, or making unauthorized network calls based on the generated content.
- Sanitization: The
Novel Compressor(08-novel-compressor.md) includes explicit instructions to discard non-narrative text and promotional content, which serves as a basic layer of input sanitization.
Audit Metadata