paw-cra-agent-video-producer
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses local configuration files (`.pawbytes/config/config.yaml`) to retrieve API keys for services like fal.ai and ElevenLabs. This data is used to authenticate requests to these providers' official endpoints. While this involves sending sensitive keys to the network, it targets well-known services for the skill's primary purpose and follows standard configuration patterns.
- [COMMAND_EXECUTION]: The skill extensively uses `ffmpeg`, `curl`, and the `egaki` CLI to process video files and interact with AI APIs. These commands are essential to the video production pipeline and are executed within the agent's expected operational scope.
- [PROMPT_INJECTION]: The skill includes a research capability that ingests content from web searches to update a local knowledge base, which introduces a surface for indirect prompt injection.
  - Ingestion points: External data from web searches is ingested via the `research-capability.md` workflow into the project's knowledge directory.
  - Boundary markers: No explicit delimiters or boundary markers are used to isolate untrusted external content from the agent's system instructions.
  - Capability inventory: The skill can write files to the project directory, execute complex `ffmpeg` rendering commands, and perform network requests using `curl` and the `egaki` CLI.
  - Sanitization: There is no documentation of sanitization, filtering, or validation performed on the research findings before they are integrated into the knowledge base.
Audit Metadata