feature-video
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of local CLI tools including
gh(GitHub CLI) for PR management,gitfor repository context, andffmpegfor video processing. It also leverages an externalagent-browsertool for browser automation and screenshot capture. - [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted external resources, including the installation of
ffmpegandghvia standard package managers. It also automates the upload of video files to GitHub's official attachment service (user-attachments/assets/). - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it ingests untrusted data from GitHub PR titles and descriptions.
- Ingestion points: PR details and file lists fetched via
gh pr viewin Step 2. - Boundary markers: None identified for data interpolation.
- Capability inventory: Includes browser navigation, file system writes, and PR description updates.
- Sanitization: The skill mitigates this risk by requiring the user to explicitly confirm the 'Proposed Video Flow' in Step 3 before any recording or automation begins.
- [DATA_EXFILTRATION]: While the skill captures screenshots of a local development environment and uploads them externally, the destination is a well-known service (GitHub) and the operation is the central, documented purpose of the skill. No unauthorized exfiltration patterns were detected.
Audit Metadata