video-noise-reduction
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes external video content via URLs, which creates a surface for indirect prompt injection.
- Ingestion points: Untrusted data enters the agent context through the
video_urlsparameter in thecurlexamples withinSKILL.md. - Boundary markers: The instructions lack explicit delimiters or warnings to ignore instructions that might be embedded in the video file's metadata or content.
- Capability inventory: The skill documentation indicates the agent performs network operations and handles tool calls initiated by the API response.
- Sanitization: There is no evidence of input validation or sanitization for the content of the external video files.
- [DATA_EXFILTRATION]: The skill provides examples for using
curlto communicate withsense.eachlabs.run. This network activity is necessary for the skill's primary function and targets the author's verified infrastructure. - [CREDENTIALS_UNSAFE]: Authentication is managed through the
$EACHLABS_API_KEYenvironment variable, which is a standard and safe practice for secret management. - [SAFE]: All external resources and API endpoints belong to the skill's author,
eachlabs, and represent legitimate vendor functionality.
Audit Metadata