ai-multimodal

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: In scripts/media_optimizer.py, the skill uses the eval() function to parse the r_frame_rate metadata field returned by ffprobe. While this is intended to convert fractional strings (e.g., '30/1') into floats, executing code on data derived from external file metadata is a security risk if the metadata can be manipulated to contain malicious Python expressions.
  • [COMMAND_EXECUTION]: The skill relies on subprocess.run to execute ffmpeg and ffprobe for media optimization and metadata extraction. Although it uses list-based arguments, which mitigate shell injection, running complex external binaries on untrusted user-provided media files carries an inherent risk that vulnerabilities in their codecs are exploited.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from various media formats.
      • Ingestion points: scripts/document_converter.py and scripts/gemini_batch_process.py read content from PDFs, images, audio, and video files.
      • Boundary markers: The prompts used for document conversion and analysis lack explicit boundary markers or 'ignore' instructions for embedded content.
      • Capability inventory: The skill possesses capabilities to read/write files and execute subprocesses (ffmpeg), which could be targeted by injected instructions.
      • Sanitization: No sanitization or validation of the content extracted from media files is performed before passing it to the LLM.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Mar 12, 2026, 12:04 PM