videodb
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from video transcripts and visual scene descriptions, which are then interpolated into LLM prompts for analysis and summarization.
- Ingestion points: Data enters the agent context through
video.get_transcript_text()and real-time WebSocket events fromvisual_indexandaudio_indexchannels. - Boundary markers: Example prompts in the documentation do not include delimiters or instructions to ignore embedded commands within the processed media.
- Capability inventory: The skill utilizes shell execution (
Bash), Python script execution, and network operations via the VideoDB SDK. - Sanitization: No explicit sanitization or validation of the transcribed or described content is performed before it is sent to the LLM.
- [DATA_EXFILTRATION]: The desktop capture feature allows for the recording of screen and audio content. The documentation explicitly mentions using the skill to detect and alert on sensitive events such as the appearance of 'password fields', which poses a risk of capturing and exposing user credentials or private information.
- [COMMAND_EXECUTION]: The skill provides instructions to execute a local utility script (
scripts/ws_listener.py) in the background and encourages the use of inline Python commands and heredocs to interact with the VideoDB SDK. - [EXTERNAL_DOWNLOADS]: Fetches the
videodb(withcaptureextras) andpython-dotenvpackages from standard package registries during setup.
Audit Metadata