guided-explainer-video
Warn
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill installs several Node.js packages (`@helios-project/core`, `@helios-project/renderer`, `@helios-project/cli`) during execution. These packages originate from an external organization not included in the trusted sources list.
- [COMMAND_EXECUTION] (LOW): The skill executes external CLI tools including `ffmpeg` (for audio analysis) and `npx helios render` (for video production). While these are aligned with the skill's stated purpose, they represent execution of code from unverified external packages.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface: The skill fetches content from external URLs (Step 3) to research brand identity. Evidence Chain:
  1. Ingestion point: Step 3 fetches user-provided URLs.
  2. Boundary markers: Absent; fetched content is processed directly.
  3. Capability inventory: Skill can install packages, write files, and execute CLI commands.
  4. Sanitization: Absent; no validation or escaping of fetched content is performed before analysis.
- [CREDENTIALS_UNSAFE] (SAFE): The skill correctly handles sensitive credentials by prompting the user to provide the `ELEVEN_LABS_API_KEY` in the environment and explicitly instructs the agent not to attempt to read local `.env` files.
Audit Metadata