ffmpeg
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown documentation and contains no executable scripts or binary files, presenting no direct risk of unauthorized code execution or persistence.
- [COMMAND_EXECUTION]: Provides standard command-line examples for ffmpeg and ffprobe for media transcoding, filtering, and analysis. These tools are used as intended for their primary multimedia purpose.
- [EXTERNAL_DOWNLOADS]: References the installation of FFmpeg and related libraries through official system package managers such as apt-get from trusted operating system repositories.
- [PROMPT_INJECTION]: No direct prompt injection attempts were detected in the instructions. The skill presents a surface for indirect prompt injection because it processes untrusted media files and external stream URLs.
- Ingestion points: Media files (e.g., input.mp4) and stream URLs (e.g., RTMP) are processed by the tool.
- Boundary markers: The provided command templates do not include specific delimiters or instructions to ignore potential metadata-based injection.
- Capability inventory: The skill utilizes file system read/write, network streaming, and hardware capture capabilities.
- Sanitization: The documentation does not specify sanitization or validation of user-provided input strings or file contents.
Audit Metadata