media-processing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill facilitates the execution of media processing tools. The Python implementation in `scripts/media_convert.py` correctly uses `subprocess.run` with a list of arguments, which is the secure way to prevent shell injection vulnerabilities when handling external files.
- PRIVILEGE_ESCALATION (SAFE): The documentation includes standard commands for installing system dependencies (e.g., `sudo apt-get install`). These are legitimate and required for the primary function of the skill.
- INDIRECT_PROMPT_INJECTION (LOW): The skill handles untrusted media data, which is an inherent risk for indirect injection, though mitigated here.
  1. Ingestion points: Media files and their metadata analyzed by `ffprobe` as seen in `references/ffmpeg-streaming.md`.
  2. Boundary markers: Not explicitly defined in prompt templates.
  3. Capability inventory: Execution of `ffmpeg`, `magick`, and `ffprobe` binaries via `subprocess.run` in `scripts/media_convert.py`.
  4. Sanitization: The skill employs list-based argument passing in Python, ensuring that metadata or filenames cannot be interpreted as shell commands.
Audit Metadata