video-generation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS & REMOTE_CODE_EXECUTION (HIGH): The skill instructs the agent to use `npx -y superconductor-gemini-skills`. This command downloads and executes a package from the NPM registry that is not from a trusted organization. This allows for arbitrary code execution on the host machine every time the skill is invoked.
- COMMAND_EXECUTION (HIGH): The skill passes user-provided text (video descriptions) directly into a shell command (`bash ${CLAUDE_PLUGIN_ROOT}/scripts/gemini.sh ... "YOUR VIDEO DESCRIPTION"`).
  - Ingestion points: The user-provided text prompt and the optional `--file` argument.
  - Boundary markers: None present in the command template.
  - Capability inventory: Executes bash scripts and NPX commands.
  - Sanitization: No sanitization is mentioned or visible, which could allow a malicious user to perform command injection using shell metacharacters like backticks or `$()` within the prompt string.
- DYNAMIC_EXECUTION (MEDIUM): The use of `npx` constitutes dynamic loading and execution of code from a remote source, which increases the attack surface for supply chain compromises.
Recommendations
- AI detected serious security threats
Audit Metadata