plan-video
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): No hardcoded secrets or access to sensitive local files. No network communication is performed.
- Obfuscation (SAFE): No encoded content or hidden characters detected in the source code or instructions.
- Remote Code Execution (SAFE): The Python script uses only standard libraries (re, urllib.parse) and does not download or execute external code.
- Indirect Prompt Injection (LOW): The skill processes untrusted user input (URLs) to generate a todolist.md file. While this creates an ingestion surface for malicious instructions embedded in URLs, the current implementation only performs string extraction and does not execute the extracted data. Evidence Chain:
  1. Ingestion points: extract_urls in scripts/extract_video_id.py processes raw user text.
  2. Boundary markers: None present in the generated Markdown.
  3. Capability inventory: File writing (todolist.md).
  4. Sanitization: Uses regex for URL extraction, but does not sanitize the resulting strings for downstream agent consumption.