The Agent Skills Directory

[PROMPT_INJECTION]: The scripts/video_understand.py script accepts user-defined instructions and interpolates them directly into a JSON payload sent to the Volcengine API. This presents a surface for indirect prompt injection.
Ingestion points: The instruction argument and the local video_path processed in scripts/video_understand.py.
Boundary markers: No delimiters or specific system instructions are included to prevent the model from following potentially malicious instructions embedded in the input text or detected within the video content.
Capability inventory: The script performs network operations using the requests library to transmit data to the remote API and process the returned analysis.
Sanitization: There is no evidence of input validation or escaping for the user-supplied text before it is sent to the Large Language Model endpoint.
[EXTERNAL_DOWNLOADS]: The skill transmits video data and metadata to https://ark.cn-beijing.volces.com. This is the official endpoint for Volcengine (ByteDance's cloud service), which is a well-known technology provider.
[COMMAND_EXECUTION]: The skill is designed to be executed via the command line to process files on the local filesystem using the provided Python script scripts/video_understand.py.

volcengine-video-understanding