utage-manual
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The scripts
hls_downloader.py,screenshot_extractor.py, andtranscribe.pyuse the Pythonsubprocessmodule to executeffmpegandffprobecommands. These calls are essential for the skill's primary functions, such as downloading HLS streams, extracting audio tracks, and performing scene-based screenshot extraction. - [EXTERNAL_DOWNLOADS]: The skill requires users to install external binaries (
ffmpeg) and specific Python libraries (requests,imagehash,Pillow). It also involves downloading video segments from external domains likeutage-system.comandwasabisys.comduring the manual creation process. - [DATA_EXFILTRATION]: Audio files extracted from the processed videos are sent to the Groq API (
api.groq.com) for transcription. This is the documented and intended behavior for the transcription feature. - [CREDENTIALS_UNSAFE]: The skill utilizes a
GROQ_API_KEYfor its transcription service. The instructions and scripts are designed to read this key from a.envfile, which is a standard security practice for managing secrets in local development environments.
Audit Metadata