video-analysis-workflow

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill processes untrusted external video files while possessing command execution capabilities, which can be exploited if the processing tools (kinemotion/FFmpeg) have vulnerabilities or if the video metadata contains injection payloads.
      • Ingestion points: Video files processed via CLI commands (<video>, videos/*.mp4) and Python API calls in SKILL.md.
      • Boundary markers: Absent. There are no instructions to the agent to treat video data as untrusted or to ignore embedded metadata.
      • Capability inventory: Allowed tools include Bash(uv run kinemotion:*), Read, and Glob. This provides a shell execution path for the results of the data processing.
      • Sanitization: Absent. While ffmpeg is suggested for rotation issues, there is no security-focused sanitization of the input files.
  • Unverifiable Dependencies (MEDIUM): The skill relies on the kinemotion package, which is not from a trusted source or organization listed in the security policy.
      • Evidence: Use of uv run kinemotion in analysis commands and the Python API from kinemotion import ... in SKILL.md.
  • Command Execution (LOW): The skill requires shell access (Bash) to function. While scoped to kinemotion:*, this still allows execution of arbitrary arguments passed to the third-party binary.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:01 AM