video-editing

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill extensively uses subprocess.run to call system tools like ffmpeg, ffprobe, and chrome. These operations are central to the skill's purpose (video processing and rendering). Technical review confirms that all shell commands use properly escaped paths and parameterized arguments to prevent command injection.
  • [EXTERNAL_DOWNLOADS]: The skill identifies and downloads various open-source fonts (e.g., Noto Sans SC, LXGW WenKai) from trusted repositories on GitHub and well-known CDNs like jsDelivr. These assets are used exclusively for rendering text in the video and pose no security risk.
  • [DATA_EXPOSURE]: A local media library system is implemented using JSON or SQLite to index video assets. The implementation uses parameterized SQL queries via the standard sqlite3 library, preventing potential injection vulnerabilities and ensuring data is handled safely within the project scope.
  • [DYNAMIC_EXECUTION]: The skill dynamically generates ASS subtitle files and HTML/CSS templates to produce high-quality video covers and overlays. These generated files are used as inputs for standard media tools and do not involve the execution of untrusted logic or code.
  • [SAFE_PRACTICES]: The skill includes an environment diagnostic utility (utils.py) that helps users identify and install missing dependencies. It also prioritizes hardware-accelerated encoders (NVENC, VideoToolbox, QSV) and implements single-pass rendering to maintain video quality, reflecting professional development standards.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 10:13 PM