byted-mediakit-process-tools
Fail
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The scripts/local_ffmpeg_tool.py script automatically downloads a static FFmpeg binary from an external third-party domain (johnvansickle.com) if the utility is not already present on the host system.
- [REMOTE_CODE_EXECUTION]: After downloading the FFmpeg binary, the skill uses os.chmod to grant it executable permissions and subsequently executes it via subprocess.run, constituting a remote code execution vector from an unverified source.
- [DATA_EXFILTRATION]: In scripts/local_ffmpeg_tool.py, the _url_to_local function is configured to explicitly disable SSL/TLS certificate verification (ssl.CERT_NONE) if a standard download fails. This allows for Man-in-the-Middle (MitM) attacks where an attacker could intercept or modify media data and binaries.
- [COMMAND_EXECUTION]: The skill relies heavily on subprocess.run to execute complex shell commands for FFmpeg processing. While the script attempts to sanitize some inputs, the extensive use of shell execution with user-provided parameters (such as URLs and filter options) presents a broad attack surface.
- [PROMPT_INJECTION]: The understand_video_content feature ingests untrusted user prompts and video URLs, feeding them into a cloud-based AI model. The skill instructions mandate that the host agent automatically parse and follow the resulting model output, creating a vulnerability to indirect prompt injection where a malicious video or prompt could influence the agent's subsequent actions.
Recommendations
- AI detected serious security threats
Audit Metadata