media-processing
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses ffprobe to inspect file metadata and ffmpeg to perform media processing tasks such as trimming, merging, and format conversion. It includes instructions to quote input file paths to mitigate basic shell injection risks.
- [PROMPT_INJECTION]: Evaluated for indirect prompt injection risks.
- Ingestion points: Metadata from user-provided files is ingested via the ffprobe command in SKILL.md.
- Boundary markers: No explicit delimiters are defined for the JSON data returned by ffprobe.
- Capability inventory: The skill allows the execution of arbitrary ffmpeg commands, including those with custom parameters in Pro mode.
- Sanitization: The skill relies on the agent's knowledge of tool safety and uses shell-style quoting for input variables.
Audit Metadata