srt-title-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (HIGH): The skill encourages the agent to use the `cat` command on a path provided by the user. This is a path traversal vulnerability that allows an attacker to read any file the agent has access to, including sensitive credentials or configuration files.
- [Indirect Prompt Injection] (MEDIUM): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted content from SRT files.
  (1) Ingestion points: Subtitle text read via `cat` (referenced in SKILL.md).
  (2) Boundary markers: Absent; there are no delimiters or instructions to ignore malicious commands in the input.
  (3) Capability inventory: File system access via `cat` and content generation for multiple platforms.
  (4) Sanitization: Absent; the skill does not validate input content or sanitize it before analysis.
Recommendations
- AI detected serious security threats