generate-video
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where untrusted content from scenario and scene definitions is interpolated into prompts for image generation. Evidence chain: (1) Ingestion: Scenario data enters the context via JSON files processed in merge-scenes.js and render-video.js. (2) Boundary markers: The Handlebars-style prompt templates do not currently employ delimiters or 'ignore' instructions for interpolated fields. (3) Capability: System capabilities include subprocess execution for rendering and network access for material generation. (4) Sanitization: Robust path traversal checks are implemented in load-assets.js and render-video.js. The risk is assessed as safe as it only impacts the visual content of generated assets.
- [COMMAND_EXECUTION]: Rendering is performed by spawning the Remotion CLI process in render-video.js. The implementation uses child_process.spawn with shell disabled, ensuring that arguments are not interpreted by a command shell, thus preventing command injection.
- [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to communicate with the Google AI API for image synthesis and utilizes npx to execute the Remotion framework. Both sources are reputable and necessary for the core functionality of the skill.
Audit Metadata