parallax-landing-page

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/extract_frames.py) that uses the subprocess module to call ffmpeg and ffprobe. This is used to analyze the source video and extract frames as high-quality JPEGs. The script correctly passes arguments as a list, which is a secure practice that prevents shell injection attacks.
  • [EXTERNAL_DOWNLOADS]: The generated HTML templates (assets/hub-template.html and assets/landing-page-template.html) include links to load typography from Google Fonts (fonts.googleapis.com and fonts.gstatic.com). These are standard, well-known services used for web design and do not pose a security risk.
  • [SAFE]: The skill follows secure development practices. It uses local scripts for file processing, handles user-provided paths safely within defined project directories, and manages assets (CSS/JS) by copying them from the skill's own assets folder to the target project location. No data exfiltration, obfuscation, or persistence mechanisms were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:42 AM
Security Audit — agent-trust-hub — parallax-landing-page