video-screenshot
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Python
subprocessmodule to executeffmpegandffprobefor video processing and metadata extraction. These operations are performed using list-based argument passing, which effectively prevents command injection vulnerabilities. These executions are central to the skill's stated purpose of video frame extraction. - [EXTERNAL_DOWNLOADS]: The skill identifies dependencies including
Pillowandrapidocr-onnxruntime. These are standard, well-known packages used for image processing and OCR, and are managed by theuvtool through standard package registries. - [DATA_EXPOSURE]: The tool generates local output files (images and JSON reports) and maintains a local archive within the skill's directory. No network exfiltration or unauthorized access to sensitive system files was detected.
- [PROMPT_INJECTION]: The
SKILL.mdinstructions and trigger words are focused on the intended utility and do not contain patterns attempting to override agent safety guidelines or extract system prompts.
Audit Metadata