cli-anything-kdenlive
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'cli-anything-kdenlive' package using pip, which is the core component of the skill. This is a standard installation procedure for the provided tool.
- [COMMAND_EXECUTION]: The agent is instructed to use the 'cli-anything-kdenlive' command-line tool to perform various video editing operations, such as project creation, clip management, and rendering.
- [PROMPT_INJECTION]: The skill processes external data, creating a surface for indirect prompt injection.
- Ingestion points: The agent ingests data from project files ('project open') and media assets ('bin import') as described in SKILL.md.
- Boundary markers: Absent; there are no instructions to the agent to treat external content as untrusted or to use delimiters.
- Capability inventory: The agent has the ability to execute the 'cli-anything-kdenlive' tool and write project/export files to the filesystem.
- Sanitization: Absent; the skill does not specify any validation or filtering mechanisms for the ingested project or media metadata.
Audit Metadata