videodb
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill frequently generates and executes Python code blocks using the Bash tool. These scripts interact with the VideoDB SDK to perform complex operations like video transcoding, timeline editing, and live stream ingestion. While this is the intended mode of operation, it represents a significant capability level.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of analyzing untrusted data.
  - Ingestion points: Untrusted content enters the agent context through external video URLs (e.g., in `coll.upload`), RTSP/RTMP live feeds (in `coll.connect_rtstream`), and real-time desktop capture sessions.
  - Boundary markers: The provided examples for LLM analysis (e.g., `coll.generate_text`) do not use explicit delimiters or instructions to ignore embedded commands within transcripts or visual descriptions.
  - Capability inventory: The agent has the ability to execute arbitrary Python code via the `Bash` tool and perform file/network operations across all scripts.
  - Sanitization: There is no evidence of sanitization, filtering, or escaping of the ingested transcripts or visual descriptions before they are interpolated into LLM prompts.
- [EXTERNAL_DOWNLOADS]: During the setup phase, the skill instructs the user or agent to install the `videodb` and `python-dotenv` packages from the public PyPI registry.
Audit Metadata