video-tutorial-maker

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses ffmpeg, ffprobe, and edge-tts to process audio and video files. These are well-known, standard utilities for media manipulation and speech synthesis, and their use here is aligned with the skill's primary function.
  • [PROMPT_INJECTION]: The skill processes user-provided inputs such as scripts and topics, which creates a surface for indirect prompt injection.
  • Ingestion points: User-provided topics, outlines, and scripts in the workflow (SKILL.md).
  • Boundary markers: There are no explicit delimiters or instructions provided to isolate user content from the agent's logic.
  • Capability inventory: The skill has the ability to execute shell commands via ffmpeg, ffprobe, and edge-tts.
  • Sanitization: No sanitization of the user-provided script is mentioned before it is passed to the text-to-speech or video rendering tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 05:28 PM
Security Audit — agent-trust-hub — video-tutorial-maker