ai-video-generator

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill integrates with well-known and trusted technology services including OpenAI, Anthropic, ElevenLabs, and Pexels for its core functionality.
  • [COMMAND_EXECUTION]: Uses subprocess.run to invoke ffmpeg for video processing. The implementation uses list-based arguments without shell=True, which is a secure method for executing system commands.
  • [EXTERNAL_DOWNLOADS]: Fetches stock video content from Pexels and audio assets from ElevenLabs/OpenAI. These operations target official API endpoints of well-known services.
  • [CREDENTIALS_UNSAFE]: Correctly utilizes environment variables via os.environ to handle sensitive API keys for ElevenLabs and Pexels, avoiding hardcoded secrets.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection, because user-provided 'topics' are interpolated into an LLM prompt. This is a common pattern in content generation tools and is considered low risk in this context, as the output is restricted to generating video scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 03:06 PM