video-tutorial-maker
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
ffmpeg,ffprobe, andedge-ttsto process audio and video files. These are well-known, standard utilities for media manipulation and speech synthesis, and their use here is aligned with the skill's primary function. - [PROMPT_INJECTION]: The skill processes user-provided inputs such as scripts and topics, which creates a surface for indirect prompt injection.
- Ingestion points: User-provided topics, outlines, and scripts in the workflow (SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions provided to isolate user content from the agent's logic.
- Capability inventory: The skill has the ability to execute shell commands via
ffmpeg,ffprobe, andedge-tts. - Sanitization: No sanitization of the user-provided script is mentioned before it is passed to the text-to-speech or video rendering tools.
Audit Metadata