li-transcript
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/video2text.py uses subprocess.run to call yt-dlp and ffmpeg for video processing. These calls are implemented using argument lists rather than shell strings, which prevents command injection vulnerabilities from user-supplied URLs.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of well-known system tools (yt-dlp, ffmpeg) and the official tencentcloud-sdk-python-asr package. These are legitimate dependencies from trusted sources required for the skill's primary functionality of video transcription.
- [PROMPT_INJECTION]: The skill processes transcription data from external video URLs, creating a surface for indirect prompt injection.
  - Ingestion points: Video content is transcribed via scripts/video2text.py and the resulting text is passed to the AI for proofreading in Step 2 of the workflow.
  - Boundary markers: Absent. The AI is instructed to proofread the raw transcript without specific delimiters or warnings to ignore embedded instructions.
  - Capability inventory: The skill can execute local shell commands via scripts/video2text.py and perform file system operations to archive transcriptions into a specific directory structure.
  - Sanitization: No sanitization or filtering is applied to the transcribed text before it is processed by the AI context.
Audit Metadata