ffmpeg-command
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill focuses entirely on providing documentation and templates for generating FFmpeg command strings. It does not include any executable scripts or automation that would perform actions without user/agent intervention.
- [DATA_EXPOSURE]: No hardcoded credentials, API keys, or access to sensitive local file paths (such as .ssh or .aws) were identified in any of the skill files.
- [PROMPT_INJECTION]: The instructions do not contain patterns designed to bypass AI safety filters or override system-level constraints. The use of 'non-negotiable' language is used appropriately to ensure the agent reads the necessary reference documentation.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and house-style guides from the author's own domain (rendi.dev). This is consistent with the provided author context and does not represent a security risk.
- [INDIRECT_PROMPT_INJECTION]: The skill processes natural language descriptions to build shell commands. While it does not explicitly instruct the agent to sanitize user-provided filenames, this is a common characteristic of command-generation skills and represents a low risk within the intended use case.
Audit Metadata