Skills
skills/pexoai/pexo-skills/videoagent-video-studio/Gen Agent Trust Hub

videoagent-video-studio

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill communicates with an external proxy at https://video-gen-proxy.vercel.app to facilitate video generation without requiring local API keys. This is documented as a primary feature.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute a local Node.js script, tools/generate.js, to process generation requests and communicate with the proxy.
  • [PROMPT_INJECTION]: The skill handles untrusted user input (prompts and image URLs) that is forwarded to external video generation APIs. Evidence: 1. Ingestion points: tools/generate.js (via --prompt and --image-url). 2. Boundary markers: None used for user-provided strings. 3. Capability inventory: Network access via the fetch API in tools/generate.js. 4. Sanitization: Input strings are used directly without sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 07:16 AM