Skills
skills/kappaemme-git/codex-video-short-maker-skill/video-short-maker/Gen Agent Trust Hub

video-short-maker

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads Whisper machine learning models from Hugging Face's official repository (huggingface.co). This is a well-known service and the operation is required for the skill's transcription functionality.
  • [COMMAND_EXECUTION]: The skill uses subprocess.run and subprocess.Popen to interact with local media tools (ffmpeg, ffprobe). It correctly uses list-based arguments instead of shell strings, which prevents common command injection vulnerabilities. It also automates the installation of standard tools like Pillow and whisper-cpp via system package managers.
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill's behavior aligns with its stated purpose of video editing and transcription.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 04:42 AM
Security Audit — agent-trust-hub — video-short-maker