seek-and-analyze-video
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted data from external video platforms such as YouTube, TikTok, and Instagram, which creates a significant surface for indirect prompt injection. Maliciously crafted transcripts or video metadata could influence the agent during the analysis phase.
- Ingestion points: Video transcripts and metadata retrieved from external social media URLs (SKILL.md).
- Boundary markers: No explicit boundary markers or safety instructions for handling embedded commands are present in the documented workflows.
- Capability inventory: The skill utilizes capabilities for deep video analysis (chat_video) and persistent storage (memory_add), which increases the potential impact of successful injection.
- Sanitization: No mechanisms for sanitizing or filtering instructions from retrieved content are described.
- [NO_CODE]: The analyzed skill consists entirely of markdown documentation and metadata; no executable scripts, configuration files, or implementation logic were provided for security review.
Audit Metadata