concept-to-video
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several utility scripts (
render_video.py,add_audio.py,critic_pass.py) that interface with system tools likemanim,ffmpeg, andffprobeviasubprocess.run. These calls are executed using argument lists, which effectively prevents shell injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The
scripts/fetch_assets.pyscript retrieves visual icons and images from the IconFinder API (api.iconfinder.com). It usesurllibto securely fetch assets based on storyboard requirements. - [DYNAMIC_EXECUTION]: The core functionality relies on an agentic pipeline where an LLM generates Python code (Manim scenes) from a storyboard. An auto-fix loop in
scripts/render_video.pyandscripts/_fixup_client.pyuses traceback data to patch code at runtime if rendering fails. This is a standard and necessary behavior for the skill's primary purpose of programmatic video generation. - [PROMPT_INJECTION]: The skill processes untrusted user concept text which is passed through several LLM and VLM stages. This presents a potential surface for indirect prompt injection; however, the skill implements structured storyboard validation and utilizes prompt templates with clear boundary markers to manage the flow of user-provided data.
- Ingestion points: User concept text enters the pipeline via
scripts/plan_storyboard.py. - Boundary markers: Prompt templates in
references/code2video/use markdown headers and explicit role instructions to separate system instructions from processed data. - Capability inventory: The generated animation code is executed locally by the Manim engine, which is restricted to animation primitives.
- Sanitization: The skill performs comprehensive JSON schema validation on the generated storyboards before they are used to produce executable Python code.
Audit Metadata