video-transcripts
Warn
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: MEDIUM
Flags: CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The script `scripts/generate_video_transcript.sh` programmatically accesses the Linear desktop application's cookie database located at `~/Library/Application Support/Linear/Cookies`. It extracts session cookies using a Python script to enable authenticated downloads of Linear attachments.
- [EXTERNAL_DOWNLOADS]: The script utilizes `curl` to download video files from well-known external sources such as `uploads.linear.app` and GitHub attachment domains.
- [COMMAND_EXECUTION]: The script sources the user's `~/.bash_profile` and executes various system binaries such as `python3`, `jq`, `curl`, and `gh`. Sourcing a shell profile executes all commands within it, which can be risky if the file is compromised.
- [DATA_EXFILTRATION]: Video files and associated metadata are uploaded to the Google Gemini API (`generativelanguage.googleapis.com`). This involves the transmission of potentially sensitive video content to an external service for processing.
- [PROMPT_INJECTION]: The skill processes external video content and user-supplied titles that are interpolated into a prompt for the Gemini model. While it includes XML boundary markers and escapes the title attribute, it is potentially susceptible to indirect prompt injection via the media content.
- Ingestion points: Video URLs and titles in `scripts/generate_video_transcript.sh`.
- Boundary markers: XML tags in the model prompt.
- Capability inventory: Subprocess calls to shell utilities and a Python interpreter in `scripts/generate_video_transcript.sh`.
- Sanitization: The script uses the `escape_xml_attr` function to sanitize the title input.
Audit Metadata