video-analyzer
Warn
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using yt-dlp, ffmpeg, and curl. It directly interpolates user-controlled variables like the video URL and prompt text into these commands, creating a risk of command injection if the inputs contain shell metacharacters. The skill also includes a command that accesses local browser cookies (--cookies-from-browser chrome) for Bilibili authentication.
- [EXTERNAL_DOWNLOADS]: The skill utilizes yt-dlp to download media from external URLs. This involves fetching untrusted content from the internet and saving it to the local system.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from the processed video content. Ingestion points: Video URL in SKILL.md. Boundary markers: Absent in shell commands and API prompts. Capability inventory: yt-dlp, ffmpeg, curl, rm. Sanitization: Absent.
- [SAFE]: The skill transmits data to the Volcengine API (ark.cn-beijing.volces.com), which is a well-known service. This behavior is consistent with the skill's primary function.
Audit Metadata