tutor-general
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: In scripts/generate_tts.py, the os.system() function is used to execute ffmpeg commands. The filenames are constructed using the 'name' field from a user-supplied CSV file without shell escaping. This allows for potential command injection if the CSV contains shell metacharacters like ';' or '&'.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from CSV and Markdown files.
  - Ingestion points: scripts/generate_tts.py (CSV) and scripts/validate_audio.py (Markdown).
  - Boundary markers: None present. The skill does not use delimiters to isolate data from instructions.
  - Capability inventory: The skill can execute shell commands and generate code.
  - Sanitization: No sanitization is performed on input fields before they are used in commands or code generation.
- [EXTERNAL_DOWNLOADS]: The skill relies on external libraries like edge-tts and motion-canvas. These are from well-known sources and are documented neutrally as they are necessary for the skill's functionality.
Audit Metadata