Skills
skills/opus-pro/opus-skills/opusclip/Gen Agent Trust Hub

opusclip

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a bash script (scripts/opusclip) to wrap API calls. It relies on standard system utilities like curl for network requests, jq for JSON processing, and ffmpeg for local media tasks such as generating storyboards or trimming clips.
  • [EXTERNAL_DOWNLOADS]: Media processing commands like storyboard and trim download temporary preview videos from the OpusClip API or associated Google Cloud Storage links to the local /tmp directory for processing.
  • [DATA_EXFILTRATION]: The skill transmits video URLs or local video files to the official OpusClip API (api.opus.pro) for processing. This is the primary intended function of the tool and uses the vendor's official infrastructure.
  • [PROMPT_INJECTION]: The skill processes external data such as video URLs and user-provided prompts for AI clipping. The bash script uses jq to build JSON payloads, which ensures proper escaping of user-provided strings before they are sent to the API endpoints.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 03:10 PM