find-scene
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as a bridge to the find-scene.com API. Analysis of the documentation reveals no malicious code, obfuscation, or unauthorized access patterns. All functionality aligns with the stated purpose of media search and retrieval.\n- [PROMPT_INJECTION]: The skill processes external subtitle data and movie metadata fetched from an API. This creates a surface for indirect prompt injection, but the risk is categorized as low due to the lack of sensitive execution capabilities and the specialized nature of the data.\n
- Ingestion points: Subtitle text retrieved from search_phrase and movie metadata from query_imdb.\n
- Boundary markers: No specific delimiters or "ignore instructions" warnings are defined in the skill documentation for the processed text data.\n
- Capability inventory: The skill is limited to performing API requests to find-scene.com and providing search results or signed media URLs to the user.\n
- Sanitization: No explicit sanitization or validation of the API-provided strings is documented in the instructions.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of video segments and frames from api.find-scene.com. These operations are initiated by the user and processed through the official service domain, representing the primary intended functionality of the tool.
Audit Metadata