camsnap
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The script uses `child_process.spawn` to execute `ffmpeg` and `ffprobe` for media processing. Several user-controllable parameters, specifically the `--resize` and `--timestamp` options, are interpolated directly into the video filter (`-vf`) argument string. This creates a vulnerability to FFmpeg filter injection, where an attacker could provide crafted strings to execute unauthorized filters such as `movie` or `script` to read local files or perform other actions in the context of the FFmpeg process.
- [CREDENTIALS_UNSAFE]: The skill manages camera credentials by storing them in a local JSON file (`~/.camsnap_credentials`). Although the file is created with restricted filesystem permissions (mode 600), the credentials themselves are stored in plain text. This is a security risk, as the secrets are exposed if the local filesystem is accessed by an attacker or a malicious process running with the same user privileges.
- [CREDENTIALS_UNSAFE]: When initiating a capture, the skill constructs a full RTSP URL that includes the camera username and password in cleartext. This URL is then passed as a command-line argument to the `ffmpeg` or `ffprobe` subprocesses. On many operating systems, the command-line arguments of running processes are visible to other users via system tools (e.g., `ps aux`), leading to potential credential exposure.
Audit Metadata