Skills
skills/zrt-ai-lab/opencode-skills/video-creator/Gen Agent Trust Hub

video-creator

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes system-level commands to process media files and generate videos.
  • Evidence: scripts/video_maker.py and scripts/verify_alignment.py utilize the subprocess.run module to call ffmpeg and ffprobe.
  • Context: Commands are constructed using argument lists rather than shell strings, which is a standard security practice to prevent shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill requires several external tools and libraries to function.
  • Evidence: The README.md and SKILL.md specify dependencies on ffmpeg, edge-tts, and pyyaml.
  • Context: These are widely recognized and trusted open-source utilities and libraries. The edge-tts package communicates with official Microsoft Edge TTS services, which is the intended purpose of the skill.
  • [DATA_EXPOSURE]: The skill processes project-specific configuration and assets.
  • Evidence: Scripts read narration.json, video_config.yaml, and user-generated images/audio within the assets/generated/ workspace.
  • Context: File access is confined to the local project environment, with no evidence of accessing sensitive system paths (e.g., SSH keys) or unauthorized network exfiltration.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 04:07 PM