SRT Card Annotator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure] (SAFE): The skill only reads the user-provided SRT file and a local configuration file (
references/card-types.yaml). It does not access sensitive directories or hardcoded credentials. - [Remote Code Execution] (SAFE): No remote scripts or external packages are downloaded. The skill explicitly forbids the use of Python scripts or automation, relying solely on LLM reasoning.
- [Indirect Prompt Injection] (SAFE):
- Ingestion points: Reads content from user-provided SRT files (
SKILL.md). - Boundary markers: Absent; the skill analyzes raw text from subtitle segments.
- Capability inventory: No dangerous capabilities detected. No network access, no shell execution, and no arbitrary file-system writes (restricted to
reference-cards.srt). - Sanitization: Not present, but unnecessary given the lack of executable capabilities.
- [Obfuscation] (SAFE): No encoded content, hidden characters, or homoglyphs were detected in the skill files.
Audit Metadata