AI Camera Director
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill implements 'Dynamic Learning Rules' in
SKILL.mdthat require the agent to perform network searches for specific AI tools (e.g., Sora, Runway) and integrate the results into its behavior. This creates a surface where malicious instructions embedded in external web content could influence the agent's output. - Ingestion points: Network search results triggered by keywords like 'Sora', 'Runway', and '2025' defined in the 'Dynamic Learning Rules' section of
SKILL.md. - Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings to treat external search results as untrusted data.
- Capability inventory: The agent has the capability to perform network searches and generate complex film scripts and prompts that could be used in other high-privilege AI pipelines.
- Sanitization: No sanitization or filtering of external content is described in the
validation-rules.mdor workflow files. - No Code (SAFE): The skill is composed of Markdown documentation and pseudo-code logic; no executable scripts, shell commands, or hardcoded credentials were detected across the analyzed files.
Audit Metadata