guided-promo-video
Warn
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill installs @helios-project/core, @helios-project/renderer, and @helios-project/cli using npm. These packages do not belong to the trusted organizations list, posing a risk of malicious dependency execution if the registry or account is compromised.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its design:
  - Ingestion points: In STEP 3, the skill fetches content from user-provided marketing URLs and reads various repository files (CSS, Tailwind configs, and marketing copy).
  - Boundary markers: Absent. There are no instructions to the agent to ignore or delimit instructions found within the fetched brand data.
  - Capability inventory: The skill can install packages, write local files (composition.html), and execute shell commands (npx helios, ffmpeg).
  - Sanitization: Absent. The agent is instructed to "focus on visible brand elements" and "align all creative decisions" with the extracted data, which could include hidden malicious instructions.
- COMMAND_EXECUTION (LOW): The skill executes ffmpeg and npx helios. While these are functional requirements for video generation, they are triggered following the processing of potentially untrusted external data.
Audit Metadata