Skills
skills/aviz85/claude-skills-library/translate-video/Gen Agent Trust Hub

translate-video

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands to manage its workflow. It uses ffmpeg for audio extraction and subtitle embedding, and npm for managing script dependencies. It also uses the open command on macOS to show the final output to the user.
  • [EXTERNAL_DOWNLOADS]: The skill instructions specify running npm install to set up the execution environment for helper scripts, which involves downloading packages from the public NPM registry.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
  • Ingestion points: Transcription content generated from user-provided video files is processed directly by the AI in Step 2 (Translation) and Step 3 (Refinement) of the pipeline.
  • Boundary markers: No specific delimiters or safety instructions are used to isolate the transcription text from the AI's processing logic.
  • Capability inventory: The skill environment includes file system access and shell command execution capabilities (FFmpeg, npm, npx).
  • Sanitization: There is no evidence of sanitization or filtering of the transcription text before it is presented to the AI for processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 03:48 AM