video-use

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Multiple scripts use subprocess.run to execute ffmpeg and ffprobe for video processing and analysis. This is a core part of the video editing functionality.\n- [CREDENTIALS_UNSAFE]: The skill accesses a vendor-specific configuration file at ~/.rebyte.ai/auth.json to retrieve authentication tokens for the transcription service.\n- [DATA_EXFILTRATION]: Audio content is sent to the author's transcription service for processing, which is the intended behavior for the transcription feature.\n- [EXTERNAL_DOWNLOADS]: The skill utilizes standard Python packages and external utilities like yt-dlp and manim for video acquisition and animation.\n- [PROMPT_INJECTION]: Processing user-provided video transcripts through sub-agents creates an indirect prompt injection surface, though it is mitigated by the skill's interactive confirmation steps.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 01:20 PM
Security Audit — agent-trust-hub — video-use