video-caption-creation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a sub-agent workflow that ingests untrusted data from external files, creating a surface for indirect prompt injection.\n
- Ingestion points: The sub-agent prompt template instructs the agent to read from
SOURCE.mdandEDITOR_HANDOFF.md.\n - Boundary markers: Absent; the instructions do not include delimiters or specific commands to ignore potential instructions embedded in the transcript data.\n
- Capability inventory: The agent is instructed to write output into the
EDITOR_HANDOFF.mdfile; no network access or system shell execution capabilities are defined within the skill.\n - Sanitization: Absent; there are no instructions to sanitize or validate the content of the ingested files before processing.\n- [NO_CODE]: The skill consists entirely of markdown instructions and templates, with no executable scripts, binary files, or code dependencies.
Audit Metadata