Skills
skills/siviter-xyz/dot-agent/media-processing/Gen Agent Trust Hub

media-processing

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The script media_convert.py uses the subprocess module to execute system binaries (FFmpeg, ImageMagick). It correctly passes arguments as a list of strings and avoids shell=True, which prevents shell injection vulnerabilities from untrusted file names or parameters.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill requires system-level installation of FFmpeg and ImageMagick. The documentation provides standard installation instructions using trusted system package managers (apt, brew, choco).
  • [DATA_EXPOSURE] (SAFE): No evidence of hardcoded credentials, sensitive file access, or unauthorized network exfiltration was found in the script or documentation.
  • [PROMPT_INJECTION] (SAFE): The instructions in SKILL.md and the reference documentation are purely functional and do not contain patterns designed to override agent behavior or bypass safety filters.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:26 PM