video-clip-extractor
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill clones the orchestrator source code from the author's public GitHub repository to the local environment (~/.local/share/openclip).
- [COMMAND_EXECUTION]: Uses the system shell to manage the tool's lifecycle, including repository cloning with git, dependency synchronization with uv, and video manipulation via ffmpeg.
- [PROMPT_INJECTION]: The skill ingests untrusted external data (video transcripts and subtitles) which are processed by an LLM to determine engagement scores, creating a potential indirect prompt injection surface.
  - Ingestion points: Transcripts are pulled from video URLs (YouTube/Bilibili) or generated from video files using Whisper AI.
  - Boundary markers: No specific delimiters or safety warnings for the LLM are described in the instruction file to isolate untrusted transcript data.
  - Capability inventory: The skill possesses file-write and execution capabilities through subprocess calls to ffmpeg for cutting and rendering video clips.
  - Sanitization: No automated sanitization or filtering of transcript content is mentioned before it is processed by the LLM.
Audit Metadata