pollo-ai-video-generator

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious behavior, obfuscation, or security vulnerabilities were identified in the skill code or instructions.
  • [EXTERNAL_DOWNLOADS]: The skill connects exclusively to the vendor's official domain (pollo.ai) to facilitate video generation, check credit balances, and handle file uploads to signed URLs. These operations are essential to the skill's functionality and are performed securely.
  • [CREDENTIALS_UNSAFE]: The skill implements best practices for secret management. It stores the API key in a local configuration file (~/.pollo/config.toml) with restricted file permissions (chmod 600) or retrieves it from environment variables. It explicitly instructs the agent to avoid passing the key as a command-line argument, protecting it from exposure in logs or process listings.
  • [COMMAND_EXECUTION]: Functionality is encapsulated in local Python scripts (scripts/pollo_api.py, scripts/poll_task.py) provided with the skill. These scripts use Python standard libraries and follow secure coding patterns to interact with the API.
  • [PROMPT_INJECTION]: The skill uses natural language instructions to define triggers and model selection logic. These instructions are purely operational and do not attempt to override the underlying agent's safety filters or system instructions.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided text prompts and images through a controlled API integration.
    • Ingestion points: User prompts and image URLs are ingested and passed to the generation scripts via CLI arguments.
    • Boundary markers: The skill relies on the agent's ability to structure JSON data for subprocess calls, which provides a logical boundary for untrusted data.
    • Capability inventory: scripts/pollo_api.py (file read for uploads, network access), scripts/poll_task.py (network access).
    • Sanitization: Input data is handled as string values within structured JSON payloads by the helper scripts, minimizing the risk of prompt injection affecting the agent's execution environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 05:40 AM