Skills
skills/verging-ai/agent-skills/faceswap/Gen Agent Trust Hub

faceswap

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes ffmpeg and ffprobe for video duration detection and trimming, and curl for interacting with the service API.\n- [EXTERNAL_DOWNLOADS]: Fetches remote media content from user-provided URLs and uploads processed data to verging.ai API endpoints and Cloudflare R2 storage.\n- [PROMPT_INJECTION]: Indirect prompt injection surface detected through the ingestion of external media files.\n
  • Ingestion points: Local and remote video and image files specified in command arguments (e.g., --video, --face) are processed by the skill.\n
  • Boundary markers: No explicit boundary markers or 'ignore' instructions are present to mitigate potential instructions embedded in media metadata or content; the skill relies on remote service processing.\n
  • Capability inventory: Includes subprocess execution (ffmpeg, ffprobe), network communication (curl), and local filesystem access (read/write in /tmp/verging-faceswap/).\n
  • Sanitization: No explicit validation or sanitization of media metadata or binary content is performed before local processing or upload.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 01:59 AM