video-production
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runinscripts/stitch_videos.pyandscripts/create_title_slides.pyto executeffmpegandffprobe. Commands are constructed using argument lists, which prevents shell injection. - [EXTERNAL_DOWNLOADS]: The
scripts/gdrive_video_download.pyscript downloads video files from Google Drive using thepydrive2library. As Google Drive is a well-known service, these downloads are considered safe within the intended context of the skill. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8). 1. Ingestion points: Untrusted video filenames are retrieved from Google Drive in
scripts/gdrive_video_download.pyand processed inscripts/generate_youtube_description.py. 2. Boundary markers: The generated YouTube descriptions inscripts/generate_youtube_description.pydo not utilize delimiters or specific warnings to ignore instructions embedded in segment titles. 3. Capability inventory: The skill has significant capabilities including executing system commands viasubprocess.run(FFmpeg) and writing files to the local file system. 4. Sanitization: Filenames are cleaned using basic regex to remove episode prefixes and illegal characters, but this does not prevent instructions embedded in titles from being included in the generated markdown output.
Audit Metadata