eachlabs-video-generation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): No malicious code, obfuscation, or persistence mechanisms were detected in the skill contents.
- [COMMAND_EXECUTION] (SAFE): Example curl commands are used for legitimate API communication with the EachLabs service and do not involve suspicious execution patterns.
- [CREDENTIALS_UNSAFE] (SAFE): The skill correctly recommends the use of environment variables and provides placeholders for authentication headers, ensuring that API keys are not hardcoded.
- [PROMPT_INJECTION] (SAFE): Analysis of indirect prompt injection surface: Ingestion points: prompt and image_url fields in SKILL.md request examples. Boundary markers: JSON object structure. Capability inventory: Network requests via curl to api.eachlabs.ai. Sanitization: Not documented within the skill; the injection surface is inherent to the intended primary function of the skill.
Audit Metadata