hyperframes-cli

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
[EXTERNAL_DOWNLOADS] [COMMAND_EXECUTION] [REMOTE_CODE_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses install-skill.py to fetch configuration files and skill content from official GitHub repositories, including the author's own repo and well-known organizations like HeyGen.
  • [COMMAND_EXECUTION]: Utilizes subprocess.run in hf-render.py to interface with the ffmpeg and minis-browser-use CLI tools for frame encoding and browser control. It also uses the apk package manager in check-env.py to ensure system dependencies are present.
  • [REMOTE_CODE_EXECUTION]: Employs a dedicated installer script (install-skill.py) that downloads entire skill directories from remote repositories into the local execution path (/var/minis/skills/).
  • [PROMPT_INJECTION]: An indirect prompt injection surface is present in the website-to-video workflow, where the agent is instructed to process and summarize arbitrary content captured from external URLs.
      • Ingestion points: External website screenshots and extracted text (extracted/visible-text.txt) are ingested during Step 1 of the workflow.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the processed external data.
      • Capability inventory: The skill possesses system capabilities through subprocess.run (ffmpeg, npx) and file-writing via the skill installer.
      • Sanitization: No explicit sanitization or filtering of the captured website content is mentioned before it is used to generate storyboard and script assets.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 12:07 PM