media-craft

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires installing the obra CLI via npm install -g obra. This package is not from a trusted source, which poses a risk of supply chain attacks or malicious code execution during installation or runtime.
  • COMMAND_EXECUTION (LOW): The skill instructs the agent to execute the obra CLI using user-provided prompts. The lack of explicit shell-escaping instructions for the agent creates a potential vector for command injection if the agent fails to properly handle special characters in user input.
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8). Ingestion points: User prompts for media generation in SKILL.md. Boundary markers: Absent; user input is directly interpolated into CLI commands. Capability inventory: The obra CLI performs network operations and local file writes. Sanitization: Absent; no input validation or instruction to ignore embedded commands is provided.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:30 PM