wjs-syncing-multicam
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runinsync.py,sync_partial.py, andverify.pyto invokeffmpegandffprobefor audio extraction and media duration retrieval. These commands are executed using list-style arguments, which is a secure practice that prevents shell injection vulnerabilities. The operations are limited to the media files provided as input. - [EXTERNAL_DOWNLOADS]: The skill's scripts depend on the well-known and trusted Python libraries
numpyandscipy. These are standard tools for numerical and signal processing and do not pose a security risk in this context. - [SAFE]: The skill's behavior aligns perfectly with its stated purpose of computing time offsets for multicam synchronization. It processes local files to generate
.sync.jsonsidecar files and does not perform any network operations, data exfiltration, or persistence-related activities.
Audit Metadata