tao-generate-video-reasoning-annotations

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the auto_label command-line utility to run the annotation pipeline steps, as defined in SKILL.md and references/skill_info.yaml.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because it processes untrusted video data and provides the output to a VLM for reasoning. Instructions or text appearing in the video frames could theoretically override the agent's intended annotation behavior.
  • Ingestion points: Raw video files accessed via the video_root or input_jsonl_files parameters specified in SKILL.md.
  • Boundary markers: None are defined to differentiate between video content and annotation instructions within the frames.
  • Capability inventory: Subprocess execution of the auto_label tool and network requests to third-party VLM/LLM providers like Google Gemini or OpenAI-compatible endpoints (references/configuration.md).
  • Sanitization: There is no documented mechanism to sanitize or filter potential instructional text embedded within the visual content of the source videos.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:35 PM
Security Audit — agent-trust-hub — tao-generate-video-reasoning-annotations