audio-extract
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
agent-mediaCLI tool to perform audio extraction via a bundled ffmpeg binary. - [PROMPT_INJECTION]: The skill documentation describes a surface for indirect prompt injection by accepting user-provided paths and URLs.
- Ingestion points: The
--inparameter in SKILL.md accepts external file paths and URLs for processing. - Boundary markers: No boundary markers or 'ignore' instructions are present to delimit the external content.
- Capability inventory: The skill triggers subprocess execution through the
agent-mediacommand. - Sanitization: No input validation or sanitization of the provided file paths or URLs is specified in the documentation.
Audit Metadata