media-processing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [Privilege Escalation] (HIGH): The installation instructions for Ubuntu/Debian recommend using 'sudo apt-get install', which grants administrative privileges to the package manager and full system access during setup.
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted external content (media files) using complex parsers that are susceptible to 'media polyglot' and parser-specific exploits.
  1. Ingestion points: Multimedia files such as .mp4, .mkv, and .jpg processed via CLI tools.
  2. Boundary markers: Absent.
  3. Capability inventory: Powerful CLI tools ('ffmpeg', 'magick', 'mogrify') capable of executing complex filtergraphs and writing to the filesystem.
  4. Sanitization: No sanitization or validation of input file integrity is performed.
- [Command Execution] (MEDIUM): The troubleshooting section encourages users to modify the ImageMagick 'policy.xml' to permit processing of formats like PDF, which significantly increases the attack surface for remote code execution via vulnerabilities in underlying libraries like Ghostscript.
Recommendations
- AI detected serious security threats