NYC

Video Processor

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill relies on a local Python script (scripts/video_processor.py) that executes shell commands (FFmpeg). There is a significant risk of shell injection if the script does not rigorously sanitize the file paths provided as CLI arguments.
  • INDIRECT_PROMPT_INJECTION (HIGH): The 'transcribe' functionality processes external audio content and returns it to the agent's context. This creates a surface for indirect prompt injection where malicious instructions embedded in the audio (e.g., spoken commands) could manipulate the agent's subsequent actions.
      • Ingestion points: video_processor.py reads user-provided video and audio files.
      • Boundary markers: None specified in the instructions to delimit transcript content from agent instructions.
      • Capability inventory: The skill can execute subprocesses (FFmpeg), write files to the local system, and generate transcripts that influence agent reasoning.
      • Sanitization: No evidence of sanitization for the content of transcripts or validation of input file metadata.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires manual installation of system-level binaries (ffmpeg) and Python packages (openai-whisper) from external sources that are not within the explicitly defined trust scope for this analysis.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 04:36 AM