video-screenshot

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Python subprocess module to execute ffmpeg and ffprobe for video processing and metadata extraction. These operations are performed using list-based argument passing, which effectively prevents command injection vulnerabilities. These executions are central to the skill's stated purpose of video frame extraction.
  • [EXTERNAL_DOWNLOADS]: The skill identifies dependencies including Pillow and rapidocr-onnxruntime. These are standard, well-known packages used for image processing and OCR, and are managed by the uv tool through standard package registries.
  • [DATA_EXPOSURE]: The tool generates local output files (images and JSON reports) and maintains a local archive within the skill's directory. No network exfiltration or unauthorized access to sensitive system files was detected.
  • [PROMPT_INJECTION]: The SKILL.md instructions and trigger words are focused on the intended utility and do not contain patterns attempting to override agent safety guidelines or extract system prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 04:03 PM
Security Audit — agent-trust-hub — video-screenshot