byted-mediakit-process-tools
Warn
Audited by Snyk on May 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill accepts and fetches arbitrary http/https resources (e.g., video_url in reference/understand_video_content.md and sources/image_url/audio_url in the reference docs) and the runtime explicitly downloads remote media (scripts/local_ffmpeg_tool.py::_url_to_local) and sends video content into the understand_video_content chat/completions flow, so untrusted third-party content is read and can materially influence model outputs and subsequent agent behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's local fallback installs FFmpeg at runtime by downloading and extracting the static tarball from https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz, which supplies executable binaries that are run locally and are required for the skill's local processing path.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata