media-files-conversion-ffmpeg

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs system operations by calling the ffmpeg binary directly and through a provided Python utility script (scripts/ffmpeg_helper.py). The helper script utilizes subprocess.run() to execute commands. The implementation follows security best practices by passing command arguments as a list rather than a shell string, effectively preventing common shell injection vectors.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external files (media) and user-provided strings (filenames, timestamps) which could theoretically contain malicious content designed to influence agent behavior.
      • Ingestion points: Filenames and command-line arguments provided to the scripts/ffmpeg_helper.py script.
      • Boundary markers: Absent; there are no specific instructions to the agent to ignore content within processed file metadata.
      • Capability inventory: File system access and system command execution via subprocess.run in scripts/ffmpeg_helper.py.
      • Sanitization: The use of list-based arguments in subprocess.run provides technical isolation from shell interpolation, but the skill does not perform logic-level sanitization of input strings.
  • [SAFE]: Extensive analysis of the skill's logic, scripts, and documentation revealed no evidence of data exfiltration, credential theft, persistence mechanisms, or obfuscated content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 10:34 AM