computer-vision-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes external video and image data, creating a potential surface for indirect prompt injection where instructions could be embedded in the processed media.
- Ingestion points: Video files and images are read via OpenCV in `scripts/video_analyzer.py` and `scripts/model_trainer.py`.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded instructions are present in the processing scripts.
- Capability inventory: The skill utilizes `Bash(python, pip, ffmpeg)`, file system operations (`shutil.copy`), and file writing (`cv2.imwrite`, `json.dump`).
- Sanitization: No sanitization or validation of the visual content is performed to prevent interpretation of embedded instruction data.
- [COMMAND_EXECUTION]: The skill requests permission to execute shell commands to facilitate model training and video processing.
- Evidence: The `allowed-tools` section in `SKILL.md` specifies access to `Bash(python*,pip*,ffmpeg*)` which is used by the Python scripts to manage environment dependencies and manipulate video frames.
- [EXTERNAL_DOWNLOADS]: The documentation provides instructions for acquiring external software and research repositories.
- Evidence: The skill references `ultralytics` on PyPI and a third-party repository `github.com/abewley/sort.git` for tracking functionality. While these are well-known resources in the computer vision community, they involve downloading external code at runtime.
Audit Metadata