broll-terminal
Pass
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the Playwright browser automation framework and the Chromium browser engine, which are well-known and trusted developer tools.
- [COMMAND_EXECUTION]: Utilizes FFmpeg and FFprobe locally to assemble captured frames into video files and inspect media properties. The arguments passed to these tools are sanitized and derived from controlled inputs.
- [SAFE]: The skill implements a secure-by-design approach by using a declarative data format that is never executed in a real shell. It also performs robust HTML escaping on all user-provided text in the
session.jsonbefore rendering it in the browser environment, preventing potential cross-site scripting (XSS) attacks.
Audit Metadata