Skills
skills/digitalsamba/claude-code-video-toolkit/playwright-recording/Gen Agent Trust Hub

playwright-recording

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): Potential command injection in utility functions.
  • Evidence: The getVideoDuration and getFrameCount functions in reference.md use child_process.execSync to execute ffprobe with the ${filePath} variable interpolated directly into the command string.
  • Risk: If the filePath variable is influenced by external or untrusted data (such as a filename downloaded from a website) and contains shell metacharacters (e.g., backticks or semicolons), an attacker could execute arbitrary commands on the host system.
  • [INDIRECT_PROMPT_INJECTION] (LOW): Vulnerability surface for indirect prompt injection due to data ingestion capabilities.
  • Ingestion points: page.goto(url) and page.evaluate() in the recording script template ingest and execute content from external web pages.
  • Boundary markers: Absent; there are no instructions or delimiters to prevent the agent from obeying instructions embedded in the target web content.
  • Capability inventory: The skill template demonstrates high-privilege capabilities including shell command execution (execSync), file system access (fs.mkdirSync, fs.renameSync), and browser script execution (page.evaluate).
  • Sanitization: Absent; no sanitization or validation of the URL, page content, or resulting filenames is provided in the reference code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 05:30 PM