broll-terminal

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the Playwright browser automation framework and the Chromium browser engine, which are well-known and trusted developer tools.
  • [COMMAND_EXECUTION]: Utilizes FFmpeg and FFprobe locally to assemble captured frames into video files and inspect media properties. The arguments passed to these tools are sanitized and derived from controlled inputs.
  • [SAFE]: The skill implements a secure-by-design approach by using a declarative data format that is never executed in a real shell. It also performs robust HTML escaping on all user-provided text in the session.json before rendering it in the browser environment, preventing potential cross-site scripting (XSS) attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 01:40 AM