text-on-broll

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to programmatically extract the 'GEMINI_API_KEY' from a local '.env' file using shell commands ('grep' and 'cut'), which exposes sensitive credentials to the environment.
  • [COMMAND_EXECUTION]: The workflow requires extensive use of the shell to run Python scripts ('python3'), manage files ('mkdir', 'cp'), and execute build/render tools ('npm', 'npx').
  • [EXTERNAL_DOWNLOADS]: The skill dynamically installs multiple Node.js packages from the NPM registry during the project setup phase.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) as it ingests untrusted user topics to generate video text and code templates.
      • Ingestion points: User-provided 'topic' in 'SKILL.md'.
      • Boundary markers: None; the skill lacks delimiters or instructions to ignore embedded commands in user input.
      • Capability inventory: Subprocess execution (Python, Node), file system modification, and network access for package installation.
      • Sanitization: None; input is directly interpolated into text patterns and React components.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 03:29 PM