skills/davincievans/bilibili-subtitle-download-skill/bilibili-subtitle-downloader/Gen Agent Trust Hub
bilibili-subtitle-downloader
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external subtitle data as input for AI summarization, creating a surface for indirect prompt injection.
- Ingestion points: Subtitle content is retrieved from remote Bilibili URLs in
scripts/download_and_chunk.pyandscripts/cheese_downloader.py. - Boundary markers: Sub-agent instructions in
SKILL.mddo not utilize delimiters or warnings to ignore embedded commands. - Capability inventory: The agent reads locally stored subtitle chunks and summarizes them using the provided prompts.
- Sanitization: No content filtering or validation is performed on the subtitle data prior to processing by the sub-agent.
Audit Metadata