Skills
skills/bytedance/agentkit-samples/byted-mediakit-tools/Gen Agent Trust Hub

byted-mediakit-tools

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads static FFmpeg binaries from a third-party domain (johnvansickle.com) if they are not pre-installed on the system.
  • [COMMAND_EXECUTION]: Local media tasks are handled by executing FFmpeg commands via subprocess.run using argument lists to prevent shell injection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted prompts and video URLs that are passed to AI models.
  • Ingestion points: user-provided prompt and video_url in scripts/main.py.
  • Boundary markers: Absent in the model request construction in scripts/amk_client/api_request.py.
  • Capability inventory: Subprocess execution (scripts/local_ffmpeg_tool.py), file system writes, and network operations.
  • Sanitization: Basic protocol checks (http/https) for URLs.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 03:14 AM