tgw-video-indexer

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/video_pipeline.py script executes local system commands including ffmpeg, ffprobe, and whisper using subprocess.run with argument lists to extract video metadata and perform audio transcription. It also utilizes __import__ to dynamically check for the presence of optional environment dependencies like pandas and Pillow before proceeding with specific tasks.
  • [EXTERNAL_DOWNLOADS]: The references/config.md file provides setup instructions for users to install well-known media processing tools (ffmpeg) and common Python libraries (openai-whisper, pandas) required for the skill's functionality.
  • [SAFE]: The skill includes extensive instructions to respect user privacy and data boundaries, such as mandatory verification of the project root directory via the --workspace parameter and explicitly defaulting to local processing for sensitive video and transcript data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:26 AM
Security Audit — agent-trust-hub — tgw-video-indexer