Skills
skills/crazynomad/skills/srt-title-generator/Gen Agent Trust Hub

srt-title-generator

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the cat command on file paths provided by the user. If the agent does not properly sanitize these inputs, an attacker could use shell metacharacters to execute arbitrary commands.
  • [DATA_EXFILTRATION]: The instruction to read arbitrary files via cat enables potential exposure of sensitive information. A malicious user could provide paths to configuration files, environment variables, or SSH keys, which the agent would then read and process.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted transcript data from SRT files.
  • Ingestion points: Subtitle content extracted from SRT files using the cat command as specified in the Integration section of SKILL.md.
  • Boundary markers: Absent; the skill does not use delimiters or instructions to the agent to treat transcript content as untrusted data.
  • Capability inventory: File system read access via the cat shell command.
  • Sanitization: Absent; the skill does not define any logic to filter or validate transcript text for malicious instructions before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 01:30 AM