The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/render.py executes ffmpeg using subprocess.run with argument lists. This method is secure as it avoids shell interpretation and prevents common command injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: The skill includes logic to download a static ffmpeg binary from evermeet.cx when the local installation lacks libass support. evermeet.cx is a well-known and established service for providing static ffmpeg builds for macOS. This is documented behavior for environment setup.
[PROMPT_INJECTION]: The skill processes untrusted media files, creating an indirect prompt injection surface. Evidence Chain: (1) Ingestion points: scripts/render.py accepts untrusted video and SRT files via --video and --srt arguments. (2) Boundary markers: None. (3) Capability inventory: subprocess.run in scripts/render.py executes ffmpeg. (4) Sanitization: Style parameters are escaped in build_force_style, though file paths are interpolated directly into filter strings. The risk is low as the agent only reads rendered frames for verification.

wjs-burning-subtitles