sora
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script,
scripts/sora.py, to perform video generation and management tasks. This script handles API interaction, job polling, and file management. - [EXTERNAL_DOWNLOADS]: The skill utilizes the
openaiPython package, which is fetched from the official Python Package Index (PyPI) when run with the recommendeduvtool. This is a trusted dependency from a well-known service. - [PROMPT_INJECTION]: The skill processes untrusted user prompts as part of its core video generation functionality, creating an indirect prompt injection surface.
- Ingestion points: Prompts are ingested through command-line arguments (
--prompt) or external files (--prompt-file) as processed byscripts/sora.py. - Boundary markers: The skill implements a structured prompt augmentation template in
scripts/sora.pyto organize user inputs and define specific fields like 'Scene', 'Camera', and 'Action'. - Capability inventory: The script has capabilities for local file system read/write (for prompts, images, and video assets) and network communication with the OpenAI API.
- Sanitization: Prompts are treated as data strings and transmitted via the official OpenAI SDK; they are not interpreted as executable commands by the script.
Audit Metadata