ugc-lifestyle-broll
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines an indirect prompt injection surface by merging untrusted user input into structured prompt templates for video generation.
- Ingestion points: User input is accepted via placeholders such as [PRODUCT], [SURFACE], and [ADDITIONAL DETAILS] in SKILL.md.
- Boundary markers: The templates lack specific delimiters or isolation instructions to prevent user input from overriding the intended prompt structure.
- Capability inventory: The resulting strings are intended to be processed by a video generation tool via the rawugc-api skill (POST /videos/generate).
- Sanitization: No validation or filtering is performed on the user-provided data before interpolation.
- [NO_CODE]: The skill is composed entirely of Markdown documentation and reference files, with no scripts, binaries, or executable code logic provided.
Audit Metadata