Skills
skills/terrylica/cc-skills/convert/Gen Agent Trust Hub

convert

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface because it processes untrusted terminal recording data intended for AI analysis.
  • Ingestion points: The skill reads .cast files from user-specified paths or the default ~/asciinemalogs directory as defined in SKILL.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between the recording content (data) and the agent's instructions (control), nor any warnings to ignore instructions embedded within the recordings.
  • Capability inventory: The skill has access to Bash, Write, and Glob tools, which represent a significant capability surface if the agent were to be successfully influenced by malicious content in a recording.
  • Sanitization: The workflow does not include any steps to sanitize, filter, or validate the content of the .cast files before they are converted and analyzed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 09:51 AM