video-compose

Warn

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates media processing by executing external binaries like FFmpeg, ffprobe, and Remotion via the subprocess module. These commands process file paths and metadata generated by LLMs or provided by the user.\n
  • Evidence:\n
  • Subprocess calls in scripts/_common.py for video metadata extraction and processing.\n
  • Execution of the Remotion CLI in scripts/render_titles.py for title generation.\n
  • Driver script scripts/compose.py spawning other Python scripts in the pipeline.\n- [DATA_EXFILTRATION]: The skill includes logic to automatically retrieve API keys from the configuration files of sibling skills. It crawls the local skills directory to read sensitive tokens from other projects.\n
  • Evidence:\n
  • get_replicate_token and get_gemini_api_key functions in scripts/_common.py that access sibling skill paths.\n
  • setup_key.py script specifically designed to facilitate cross-skill credential migration.\n- [EXTERNAL_DOWNLOADS]: A utility for fetching remote resources is included in the shared library, enabling the skill to download arbitrary files to the local system.\n
  • Evidence:\n
  • download_file function in scripts/_common.py using urllib.request.urlretrieve.\n- [PROMPT_INJECTION]: Instructions for video editing and timeline generation are combined with user-provided creative briefs, creating a surface for prompt injection where malicious input could influence the LLM's structured JSON output.\n
  • Evidence:\n
  • Prompt interpolation in scripts/treatment.py for drafting video scripts.\n
  • Asset matching logic in scripts/generate_edl.py that uses scene descriptions to build edit decision lists.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 10, 2026, 01:40 AM