ugc-b2c
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists of static markdown files providing instructions and templates for generating video prompts. No malicious instructions, obfuscation, or dangerous commands were detected.
- [NO_CODE]: The skill does not include any executable scripts or binary files; its operation is purely instruction-based.
- [EXTERNAL_DOWNLOADS]: References to external URLs (GitHub) and API endpoints are limited to the author's own infrastructure (tfcbot) and are necessary for the skill's stated purpose.
- [PROMPT_INJECTION]: The skill uses prompt templates that interpolate user-provided data into instructions for an AI video generator. While this is the intended use case, it creates a surface for indirect prompt injection. * Ingestion points: User-provided values for placeholders like [PRODUCT], [BRAND], and [PROBLEM] in SKILL.md. * Boundary markers: Absent. * Capability inventory: Interaction with an external video generation API. * Sanitization: Absent.
Audit Metadata