scriptwriting
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process user-provided script content for formatting and analysis. This creates a surface for indirect prompt injection where an attacker could embed instructions within a script intended for processing.
  - Ingestion points: Script text provided by the user for analysis by the 'engagement_analyzer.py' or 'script_formatter.py' (as described in the summary).
  - Boundary markers: The provided templates (e.g., video_script_template.md) do not include specific delimiters or instructions for the agent to ignore embedded commands within the content.
  - Capability inventory: The summary describes Python scripts for timing calculation, multi-format conversion, and content optimization. These scripts were not provided for analysis.
  - Sanitization: No sanitization or validation logic is present in the provided markdown files.
- [Unverifiable Dependencies] (SAFE): The 'Scriptwriting_Skill_Summary.md' file references three Python scripts (timing_calculator.py, script_formatter.py, engagement_analyzer.py) that are missing from the provided file set. While the summary mentions them, no code was available to audit for external dependencies or remote execution patterns.
- [Safe] (SAFE): The provided markdown files (ai_cliches_to_avoid.md, hooks_database.md, transition_library.md, and video_script_template.md) contain purely educational content, reference data, and structural templates with no security risks.