video-editing

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute ffmpeg and ffprobe binaries for video manipulation. One example includes the -safe 0 flag in concatenation, which relaxes default security path restrictions in the binary.
  • [PROMPT_INJECTION]: The use of shell templates in SKILL.md that incorporate user-provided filenames and parameters creates a surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters via placeholders for input files, watermarks, and filter specifications in shell commands.
  • Boundary markers: No boundary markers or instructions to ignore embedded instructions are present in the command templates.
  • Capability inventory: The skill utilizes ffmpeg, ffprobe, and shell redirection (printf to file).
  • Sanitization: There is no evidence of input validation or sanitization to prevent command injection via special characters in filenames.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 05:15 AM