gemini-video-understanding
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation instructs users to install
google-genai, which is a library provided by Google. This is a trusted source per [TRUST-SCOPE-RULE].\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection due to its core function of processing untrusted external data.\n - Ingestion points: The skill ingests data from local video files (
--video-path) and remote YouTube videos (--youtube-url).\n - Boundary markers: No specific delimiters or instructions to ignore embedded content are mentioned in the documentation for the
analyze_video.pyscript.\n - Capability inventory: The skill uses the Gemini API to process content and can write analysis results to local files via the
--output-fileargument.\n - Sanitization: The provided documentation does not indicate any sanitization of the video content or YouTube metadata before it is processed by the AI model.
Audit Metadata