ffmpeg-media
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted media files which can be used to exploit tool vulnerabilities or read local files via specific formats like HLS or the concat demuxer.
  1. Ingestion points: External media files and manifest files (e.g., input.mp4, list.txt).
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of arbitrary ffmpeg commands.
  4. Sanitization: No validation or sanitization of input file content or paths is specified.
- [Command Execution] (SAFE): The provided FFmpeg examples for transcoding, scaling, and filtering are standard, well-documented utility patterns.
Audit Metadata