video-description
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (video transcripts and supplementary documents), creating a surface for indirect prompt injection. Ingestion points: Transcripts and supplementary materials are ingested via the analyze source material workflow in SKILL.md. Boundary markers: The skill instructions do not specify any delimiters or safety prompts to isolate external content from the agent's instructions. Capability inventory: The agent utilizes local Python scripts (scripts/validate.py) to perform formatting checks. Sanitization: No input sanitization or verification processes are documented for the ingested transcripts.
- [COMMAND_EXECUTION]: The skill executes a local Python utility (scripts/validate.py) to validate generated descriptions against defined standards. This utility is a legitimate component of the skill's quality assurance framework and is provided by a trusted author.
Audit Metadata