omnicaptions-convert

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [Unverifiable Dependencies] (MEDIUM): The skill instructs users to install omni-captions-skills using an untrusted --extra-index-url (https://lattifai.github.io/pypi/simple/). This bypasses the default secure PyPI registry and could be used to distribute malicious code from an unverified GitHub Pages site.
  • [Indirect Prompt Injection] (HIGH): The skill processes external caption data and has the capability to execute commands via Bash, which is a high-risk combination for indirect prompt injection.
      • Ingestion points: Caption files (SRT, VTT, etc.) processed by the omnicaptions convert command.
      • Boundary markers: Absent; there are no instructions to prevent the agent from following commands embedded in the caption text.
      • Capability inventory: Access to Bash (restricted to omnicaptions:*) and ffprobe (via the --video flag).
      • Sanitization: No sanitization of caption content is implemented or described.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 09:17 PM