pan-3d-transition
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/insert_3d_transition.py` executes multiple external binaries including `ffmpeg`, `ffprobe`, and `npx`. While it uses list-based arguments for `subprocess.run` to prevent shell injection, the `--bg-color` argument is directly interpolated into an FFmpeg filter string (`color=c={bg_color...}`). An attacker could potentially inject additional FFmpeg filters by providing a value containing colons or other filter delimiters.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of Node.js dependencies via `npm install` and executes `npx remotion`, which may download the Remotion package from the public npm registry if it is not present. These are standard operations for the Remotion framework and target well-known repositories.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted external data.
  - Ingestion points: The script reads user-provided file paths for `input_video` and `bg_image`, and processes output from `ffprobe`.
  - Boundary markers: None are present; the agent processes the file paths and contents directly as part of the media pipeline.
  - Capability inventory: The skill performs file system reads/writes and executes complex media processing commands using `ffmpeg`, `ffprobe`, and `npx`.
  - Sanitization: The script lacks validation for the internal structure or metadata of the video/image files, and the `bg_color` string is not sanitized against filter injection.
Audit Metadata