video-processor
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external binaries including
ffmpeg,yt-dlp, andwhisperto perform media processing tasks. These system calls are implemented usingsubprocess.runwith argument lists (shell=False), which effectively prevents shell injection vulnerabilities from malicious URLs or file names. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download of video and audio content from external hosting platforms via
yt-dlp. This behavior is transparently documented and aligns with the primary purpose of the skill. - [SAFE]: No malicious patterns, such as hardcoded credentials, obfuscation, or persistence mechanisms, were detected. The skill uses well-known, reputable dependencies and includes appropriate logic for temporary file management and input validation.
Audit Metadata