skills/athina-ai/goose-skills/watch/Gen Agent Trust Hub

watch

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using ffmpeg and ffprobe to analyze and process a user-provided local video file. Using a file path provided in user input as a command argument presents a potential command injection vector if the input is not strictly validated or sanitized by the underlying execution environment.
  • Evidence: SKILL.md workflow steps 1 and 5.
  • [DATA_EXFILTRATION]: When the transcription feature is enabled, the skill extracts audio from the local video and sends it to external providers (Groq or OpenAI) for processing. This data transfer is consistent with the skill's stated purpose and targets well-known services.
  • Evidence: SKILL.md workflow step 6 and references/parameters.md.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the focus parameter, which allows free-text instructions to influence the agent's observation report.
  • Ingestion points: The focus input parameter (SKILL.md) and the contents of the processed video file (audio and visuals).
  • Boundary markers: None identified in the workflow for separating caller-supplied instructions in the focus field or the transcribed text from the agent's core instructions.
  • Capability inventory: The skill can read local files, execute system commands (ffmpeg, ffprobe), write multiple output files (observation.md, manifest.json), and perform network requests to transcription APIs.
  • Sanitization: No specific sanitization, escaping, or validation of the focus input or the transcribed audio content is described before these data points are used to compose the observation report.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — watch