processing-video
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill documents legitimate use of the pre-installed ffmpeg toolkit. No malicious code, obfuscation, or unauthorized network operations were found in the provided files.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using ffmpeg, ffprobe, and ffplay. These operations are limited to the intended scope of media processing and do not attempt privilege escalation or persistence.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted media files (e.g., input.mp4 and subs.srt referenced in SKILL.md). There are no boundary markers or sanitization steps described to mitigate instructions that could be embedded in media metadata or subtitle content. Ingestion points: local file paths provided to ffmpeg. Capability inventory: shell-based media manipulation. Sanitization: none. Severity is assessed as SAFE as the behavior is expected for this utility type.
Audit Metadata