SRT Social Summary
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The skill is susceptible to indirect prompt injection because it ingests and processes untrusted external data (SRT files) and performs file-system operations based on that data.
- Ingestion points: The skill reads SRT subtitle files provided by the user (described in 'Usage Workflow
- Step 1').
- Boundary markers: There are no explicit instructions to use delimiters or ignore instructions embedded within the SRT content.
- Capability inventory: The skill has the capability to write a new file (
summary.md) to the local file system (described in 'Step 5: Output Format'). - Sanitization: There is no mention of sanitizing or escaping the content extracted from the SRT file before it is processed by the agent's logic. An attacker could embed malicious instructions within an SRT file to influence the agent's behavior or the content of the generated
summary.mdfile.
Audit Metadata