Skills
skills/sanky369/vibe-building-skills/remotion-script-writer/Gen Agent Trust Hub

remotion-script-writer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted codebase data (via local paths or GitHub URLs) to generate video scripts. There is a risk that instructions embedded in comments within the analyzed code could hijack the LLM's output.
  • Ingestion points: The code field defined in rules/prompt-structure.md and referenced in SKILL.md.
  • Boundary markers: None found. The system prompt in rules/script-generation.md lacks delimiters or warnings to ignore instructions found within the processed code.
  • Capability inventory: The skill generates a structured JSON script that dictates scene content, voiceover, and technical requirements for downstream rendering tools.
  • Sanitization: No sanitization or validation of the input code content is performed.
  • [Data Exposure] (LOW): The skill's core functionality involves reading local directory structures and file contents (SKILL.md). If the agent is not restricted, an attacker could point the skill to sensitive directories (e.g., ~/.ssh or .env files) to extract their contents under the guise of 'codebase analysis'.
  • [External Downloads] (LOW): The skill mentions fetching data from APIs for dynamic content and analyzing GitHub repositories. While legitimate for the use case, these are network operations targeting non-whitelisted domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:10 PM