Aether
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill defines a pipeline that ingests untrusted data from live chat, creating a surface for indirect prompt injection. * Ingestion points: YouTube Live Chat API and Twitch IRC/EventSub (documented in references/chat-platforms.md). * Boundary markers: Explicit system prompt templates with character-specific rules and safety instructions are provided to guide LLM behavior (references/response-generation.md). * Capability inventory: The pipeline controls OBS scene management, source toggling, and automated TTS playback (references/obs-streaming.md). * Sanitization: The architecture includes multi-layer safety filtering, including regex blocklists, personal info detection, and LLM-based content classification (references/chat-platforms.md).
- [COMMAND_EXECUTION]: The skill automates complex system interactions via OBS WebSocket commands and local TTS engine API calls (VOICEVOX), which represent a capability surface if input sanitization is bypassed.
- [EXTERNAL_DOWNLOADS]: The skill references and provides implementation patterns for external libraries including obs-websocket-js, @cubism-sdk/framework, @pixiv/three-vrm, and three.js.
Audit Metadata