parallax-landing-page
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Python script (
scripts/extract_frames.py) that uses thesubprocessmodule to callffmpegandffprobe. This is used to analyze the source video and extract frames as high-quality JPEGs. The script correctly passes arguments as a list, which is a secure practice that prevents shell injection attacks. - [EXTERNAL_DOWNLOADS]: The generated HTML templates (
assets/hub-template.htmlandassets/landing-page-template.html) include links to load typography from Google Fonts (fonts.googleapis.comandfonts.gstatic.com). These are standard, well-known services used for web design and do not pose a security risk. - [SAFE]: The skill follows secure development practices. It uses local scripts for file processing, handles user-provided paths safely within defined project directories, and manages assets (CSS/JS) by copying them from the skill's own assets folder to the target project location. No data exfiltration, obfuscation, or persistence mechanisms were detected.
Audit Metadata