frame-extraction
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses FFmpeg via shell commands to perform frame extraction and processing. It also references a 'Local Dependency Bootstrap Rule' from the vendor's shared configuration for environment setup.
- [EXTERNAL_DOWNLOADS]: The instructions permit the agent to download video files from TikTok URLs if local copies are unavailable, which involves network access to a well-known external service.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted data from video manifests and video files.
  - Ingestion points: The skill processes manifest files that map IDs to local video paths and ingests data from local folders (SKILL.md).
  - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following commands that might be embedded in the metadata of the processed videos or manifests.
  - Capability inventory: The agent possesses capabilities to execute shell commands (ffmpeg) and perform file system read/write operations within the work folder (SKILL.md).
  - Sanitization: The skill does not describe specific sanitization or validation steps for the content of the manifests or video metadata before processing.
Audit Metadata