videodb
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from video transcripts and visual descriptions.\n
- Ingestion points: Untrusted data enters the agent's context through methods like
video.get_transcript_text()and event logs stored in/tmp/videodb_events.jsonl.\n - Boundary markers: There are no explicit markers or instructions to the agent to ignore potentially malicious commands embedded within the transcript text.\n
- Capability inventory: The agent can execute Python code using the
videodbSDK via theBashtool, allowing for media manipulation and API interactions.\n - Sanitization: The skill does not describe any sanitization or validation of transcript content before it is interpolated into prompts for analysis.\n- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
videodbSDK andpython-dotenv. These are official vendor packages and well-known utilities.\n- [COMMAND_EXECUTION]: Functionality relies on the execution of Python code through theBashtool to interact with the VideoDB API, which is the primary intended behavior of the skill.\n- [DATA_EXFILTRATION]: The providedws_listener.pyscript saves WebSocket event data to local files in the/tmpdirectory (/tmp/videodb_events.jsonl). This is used for local session monitoring and does not involve sending sensitive data to unauthorized external endpoints.
Audit Metadata