plex-media-server
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates interaction with the official Plex Media Server API using standard utilities. All operations are directed to the user's own server via the $PLEX_URL environment variable.
- [SAFE]: Authentication tokens are managed through environment variables ($PLEX_TOKEN), which prevents the exposure of hardcoded credentials in the skill configuration.
- [SAFE]: External references, such as the linuxserver/plex Docker image, originate from well-known and trusted organizations in the container ecosystem.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it retrieves and processes media metadata (titles, summaries) from the Plex API which could be manipulated.
  - Ingestion points: Metadata fetched from API endpoints like /library/sections, /hubs/search, and /status/sessions in SKILL.md.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the commands.
  - Capability inventory: The skill uses curl for network requests and jq for data manipulation in SKILL.md.
  - Sanitization: Media metadata is processed and displayed without explicit validation or filtering of its content.
Audit Metadata