video-analysis
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runto call theffmpegbinary for extracting metadata and keyframes. The implementation uses list-based arguments which prevents shell command injection. \n- [DATA_EXFILTRATION]: Video files and frames are transmitted toopenrouter.aifor native analysis. This is a well-known service and necessary for the skill's primary function. No access to sensitive system credentials or files (e.g., .ssh, .env) was detected. \n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of external video and audio content. \n - Ingestion points: Video files located in the workspace relative to
WORKSPACE_DIR. \n - Boundary markers: Absent; transcripts and model analysis are returned as raw text strings. \n
- Capability inventory: The skill can execute local shell commands via
ffmpegand perform network requests to OpenRouter. \n - Sanitization: No sanitization or filtering is applied to the extracted audio transcripts or the model's textual analysis before they are passed back to the agent.
Audit Metadata