video-gen
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill accesses the `MAX_API_KEY` environment variable and transmits it to `internal.infquest.com`. While this is consistent with the skill's stated purpose of authenticating with a video generation API, the domain is not on the pre-approved whitelist.
- Indirect Prompt Injection (LOW): The skill possesses an attack surface for indirect prompt injection.
  - Ingestion points: User-provided prompts and image paths collected via the `AskUserQuestion` tool.
  - Boundary markers: Absent; user input is directly interpolated into the script execution command and API payload.
  - Capability inventory: The skill executes local Python scripts via `uv run`, writes files to the local disk, and performs network POST/GET requests.
  - Sanitization: No explicit sanitization or validation of the prompt string is performed before it is passed to the video generation model or used in the shell command.
- Command Execution (SAFE): The skill executes a local Python script (`video-gen.py`). The script uses `argparse` and `pathlib`, which provides some protection against basic path traversal or command injection compared to raw string concatenation, though the agent-side invocation `open "OUTPUT_PATH"` relies on the agent's ability to handle potentially malicious paths safely.
Audit Metadata