Skills
skills/zephyrwang6/myskill/ffmpeg-usage/Gen Agent Trust Hub

ffmpeg-usage

Fail

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the use of sudo to install dependencies (sudo apt-get install ffmpeg), which facilitates execution with root-level privileges.
  • [COMMAND_EXECUTION]: Provides batch processing and concatenation shell scripts that utilize loops and command substitution (for i in *.mov; do ... and <(printf ...)>) without proper filename sanitization, creating a vulnerability to command injection if media files have malicious names.
  • [EXTERNAL_DOWNLOADS]: Interacts with a non-standard local service at http://127.0.0.1:18923 to perform transcription, involving the transmission of absolute local file paths to an unverified local process.
  • [EXTERNAL_DOWNLOADS]: Recommends downloading and installing third-party software from external package managers such as Homebrew and Chocolatey.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface when handling untrusted local files.
  • Ingestion points: Local filenames and media metadata processed by FFmpeg commands defined in SKILL.md.
  • Boundary markers: Partially present through the use of double quotes in some shell variables, but absent in printf and concat examples.
  • Capability inventory: Includes privileged command execution (sudo), full filesystem access via ffmpeg, and local network operations via curl.
  • Sanitization: Lacks any validation or escaping mechanisms for input filenames or extracted media content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 20, 2026, 12:29 PM