video-to-text
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Executes a shell script (
download-ggml-model.sh) from a user-provided or repository-relative path. Evidence:bash download-ggml-model.sh basewithin the project directory. - [COMMAND_EXECUTION]: Provides instructions to run various system-level commands and start a local web server, increasing the local attack surface. Evidence:
npm link,brew install,video2text serve,video2text extract. - [EXTERNAL_DOWNLOADS]: Fetches AI models and installs packages from the NPM registry and third-party Homebrew taps. Evidence:
npm install -g @wangjs-jacky/video2text,brew tap fyrfyrr/f2. - [CREDENTIALS_UNSAFE]: Encourages the use of raw authentication cookies as command-line arguments, which can lead to sensitive data exposure in process lists or logs. Evidence:
video2text extract <URL> -c "<cookie内容>". - [PROMPT_INJECTION]: Vulnerable to indirect prompt injection via malicious video URLs or platform metadata. Evidence: 1. Ingestion: Video URLs and platform metadata via
yt-dlp. 2. Boundary markers: Absent. 3. Capabilities: Subprocess execution (ffmpeg,yt-dlp), network access, and local file writes. 4. Sanitization: No explicit sanitization of external metadata.
Audit Metadata