video-transcription

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) because it ingests and processes untrusted transcription text from external sources.
  • Ingestion points: Transcription artifacts (SRT, TXT, JSON) are downloaded and stored in _postplus_shared/40-creative/audio-transcription/scripts/_shared.mjs.
  • Boundary markers: None; external transcript content is not wrapped in delimiters or accompanied by instructions to ignore embedded commands.
  • Capability inventory: The skill can execute subprocesses (yt-dlp) and perform network operations (fetch).
  • Sanitization: No sanitization is performed on the ingested transcription text before it is returned to the agent context.
  • [COMMAND_EXECUTION]: The script _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs spawns a python3 subprocess to execute the yt_dlp module for media retrieval.
  • [CREDENTIALS_UNSAFE]: The library _postplus_shared/00-core/shared-runtime/scripts/lib/postplus_cli_config.mjs reads and writes to a local config.json file to manage session tokens used for authenticating with the hosted transcription service.
  • [EXTERNAL_DOWNLOADS]: The skill performs external downloads of video files via yt-dlp and fetches transcription output artifacts from remote URLs generated by the hosted provider.
  • [DATA_EXFILTRATION]: Local media files are uploaded to the vendor's hosted API endpoints (e.g., transcription-whisper-with-video) as part of the primary transcription workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 07:44 AM
Security Audit — agent-trust-hub — video-transcription