media-processing
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill relies on executing system-level commands like
magick,mogrify, andidentify. If used with untrusted input filenames, this creates a high risk of command injection attacks where an attacker can execute arbitrary code by crafting special filenames.\n- PRIVILEGE_ESCALATION (MEDIUM): The documentation suggests usingsudoto modify the ImageMagick policy file at/etc/ImageMagick-7/policy.xml. Modifying system configuration files with root privileges is a sensitive operation that could be abused to weaken system security.\n- INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted media files. Maliciously crafted images can exploit vulnerabilities in the underlying ImageMagick or FFmpeg libraries to perform unauthorized actions.\n - Ingestion points: External media files processed by
magickandidentifytools.\n - Boundary markers: Absent; commands are shown with direct file path interpolation.\n
- Capability inventory: Shell command execution, file system read/write, and potential system policy modification.\n
- Sanitization: No evidence of filename sanitization or input validation in the provided examples.
Audit Metadata