video-compose
Warn
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates media processing by executing external binaries like FFmpeg, ffprobe, and Remotion via the
subprocessmodule. These commands process file paths and metadata generated by LLMs or provided by the user.\n - Evidence:\n
- Subprocess calls in
scripts/_common.pyfor video metadata extraction and processing.\n - Execution of the Remotion CLI in
scripts/render_titles.pyfor title generation.\n - Driver script
scripts/compose.pyspawning other Python scripts in the pipeline.\n- [DATA_EXFILTRATION]: The skill includes logic to automatically retrieve API keys from the configuration files of sibling skills. It crawls the local skills directory to read sensitive tokens from other projects.\n - Evidence:\n
get_replicate_tokenandget_gemini_api_keyfunctions inscripts/_common.pythat access sibling skill paths.\nsetup_key.pyscript specifically designed to facilitate cross-skill credential migration.\n- [EXTERNAL_DOWNLOADS]: A utility for fetching remote resources is included in the shared library, enabling the skill to download arbitrary files to the local system.\n- Evidence:\n
download_filefunction inscripts/_common.pyusingurllib.request.urlretrieve.\n- [PROMPT_INJECTION]: Instructions for video editing and timeline generation are combined with user-provided creative briefs, creating a surface for prompt injection where malicious input could influence the LLM's structured JSON output.\n- Evidence:\n
- Prompt interpolation in
scripts/treatment.pyfor drafting video scripts.\n - Asset matching logic in
scripts/generate_edl.pythat uses scene descriptions to build edit decision lists.
Audit Metadata