extract-moves-from-video
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill's primary purpose is to ingest untrusted data (video recordings) to extract command-style text, which presents a classic indirect injection surface.
- Ingestion points: External video files are processed via FFmpeg and OCR (Step 3 and Step 5).
- Boundary markers: No specific boundary markers or 'ignore' instructions are provided to the agent to distinguish between the extracted data and its own system instructions.
- Capability inventory: This is a guidance skill; the provided snippets (Python/Bash) are local and do not include automated network exfiltration or direct execution of the extracted text, though the extracted text is intended to be used as commands elsewhere.
- Sanitization: The skill suggests regex-based filtering (e.g., looking for prompt characters like '>') to extract commands, which provides a basic level of input validation but cannot prevent malicious instructions embedded within the video text.
- External Downloads (INFO): The skill suggests using 'yt-dlp' and 'ffmpeg' for video processing. These are widely trusted industry-standard tools.
Audit Metadata