analyze-video
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate video analysis and JSON processing tasks as described. No malicious patterns or security risks were identified.
- [COMMAND_EXECUTION]: The skill utilizes standard system utilities including
ffmpegfor frame extraction and shell commands (mkdir,cp,rm) for file management. These operations are restricted to the local file system and align with the skill's primary function of video processing. - [INDIRECT_PROMPT_INJECTION]: The skill processes external video files and audio transcripts, which represents an inherent attack surface for indirect prompt injection. However, the risk is mitigated by the structured nature of the tasks and the lack of dangerous capabilities combined with untrusted data.
- Ingestion points: Video files (
video_path) and audio transcripts (audio_transcript_path). - Boundary markers: None explicitly defined in the instructions for transcript content.
- Capability inventory:
ffmpeg(local execution),ruby(local script), and file system operations (mkdir,cp,rm,File.write). - Sanitization: The Ruby script performs standard JSON parsing without additional content validation, which is typical for this type of utility.
Audit Metadata