Skills
skills/bluewaves-creations/bluewaves-skills/video-from-frames/Gen Agent Trust Hub

video-from-frames

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill's design creates an attack surface for indirect prompt injection where a malicious user could trick the agent into performing unauthorized actions using the skill's capabilities.
  • Ingestion points: The first_frame_url and last_frame_url parameters in SKILL.md allow the agent to receive arbitrary file paths from users.
  • Boundary markers: None present. There are no instructions for the agent to validate the source or content of the files provided to the URLs.
  • Capability inventory: The skill requests Bash, Read, and Write permissions, allowing it to execute shell commands and interact with the file system.
  • Sanitization: No sanitization logic is present in the provided documentation to prevent path traversal or injection of sensitive local files.
  • [Data Exfiltration] (LOW): The skill is designed to upload local files to fal.ai via the fal_client.upload_file() method. Since fal.ai is not a whitelisted trusted domain and the skill has Read access to the filesystem, an attacker could potentially exfiltrate sensitive files (e.g., ~/.ssh/id_rsa) by passing them as frame parameters.
  • [External Downloads] (SAFE): The skill interacts with fal.ai to generate and download video content. This is a standard functional requirement for an AI media generation tool and is considered safe given the intended purpose, though the external domain is not in the predefined trusted list.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 08:22 AM