compress-video
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill performs video analysis and transcoding using
ffmpegandffprobe. These operations are restricted to the tools explicitly declared in the skill metadata. - [SAFE]: All Bash command templates use double quotes for variable interpolation (e.g.,
"$INPUT","$OUTPUT"), which prevents shell injection attacks through malicious file names. - [SAFE]: The bitrate calculation script (
scripts/calc_bitrate.py) utilizessubprocess.runwith an argument list rather than a shell string, effectively mitigating command injection risks during its calls toffprobe. - [SAFE]: Analysis of the instructions and scripts reveals no evidence of prompt injection, data exfiltration, or obfuscated content.
Audit Metadata