ai-video-gen

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill processes untrusted external content (user prompts and voiceover text) and uses it to drive high-capability AI models and local file operations.
    • Ingestion points: Command-line arguments --prompt and --text in generate_video.py and add_voiceover.py respectively.
    • Boundary markers: Absent. The skill does not use delimiters or instructions to prevent the model from obeying instructions embedded within the prompts.
    • Capability inventory: Executes local subprocesses (ffmpeg), writes files to the local disk (output/ directory), and makes network calls to multiple external APIs (OpenAI, LumaAI, Replicate).
    • Sanitization: Absent. There is no filtering or validation of the input text before it is sent to the LLM, image-generation, and TTS models.
  • [Command Execution] (MEDIUM): The skill relies heavily on subprocess.run to execute FFmpeg for media processing.
    • Evidence: add_voiceover.py, generate_video.py, and images_to_video.py all construct FFmpeg commands using user-provided file paths.
    • Risk: While the scripts use argument lists (avoiding shell=True), the images_to_video.py script dynamically generates a filelist.txt for FFmpeg's concat demuxer. Maliciously crafted filenames could lead to local file inclusion or unexpected FFmpeg behavior within the host environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 09:55 AM