Skills
skills/jianshuo/claude-skills/wjs-dubbing-video/Gen Agent Trust Hub

wjs-dubbing-video

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run in scripts/dub.py to call ffmpeg and ffprobe for media processing tasks, such as duration probing and audio/video muxing. These commands are constructed using argument lists, which is a standard and secure practice for media manipulation.
  • [EXTERNAL_DOWNLOADS]: In scripts/visual_diarize.py, the skill downloads a MediaPipe Face Landmarker model (face_landmarker.task) from Google's official storage repository. This is a routine operation to fetch a required machine learning model from a well-known service.
  • [CREDENTIALS_UNSAFE]: The skill requires API credentials (VOLC_TTS_APPID and VOLC_TTS_ACCESS_TOKEN) to access the Volcano TTS service. The documentation instructs users to manage these credentials in a local .env file, which is a common developer practice for secret management.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 09:47 PM
Security Audit — agent-trust-hub — wjs-dubbing-video