gemini-video-understanding
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes arbitrary user prompts alongside untrusted video data in
scripts/analyze_video.py, creating a surface for indirect prompt injection where the AI might follow instructions found within the video itself.\n - Ingestion points: Local video files and YouTube URLs are processed via the
google-genailibrary.\n - Boundary markers: No explicit delimiters or instructions are used to distinguish the user's prompt from the content derived from the video data.\n
- Capability inventory: The skill is capable of reading local files and initiating network connections to Google's API endpoints.\n
- Sanitization: No sanitization or validation logic is implemented for the prompt or the video content data.\n- [EXTERNAL_DOWNLOADS]: The skill relies on the
google-genaipackage, which is an official and well-known library from Google.\n- [COMMAND_EXECUTION]: Functionality is provided through Python scripts (scripts/analyze_video.pyandscripts/check_api_key.py) intended for CLI execution.\n- [DATA_EXFILTRATION]: The skill uploads local video files to the Google Gemini Files API for processing, which is a required step for analyzing files larger than 20MB.
Audit Metadata