compress-video
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute local shell commands such as
find,ls,stat, andffmpegfor identifying and re-encoding video files. This is consistent with its stated functionality. - [PROMPT_INJECTION]: The skill processes user-controlled file paths, creating a surface for indirect prompt injection. 1. Ingestion points: User-provided directory and file paths are used to construct shell commands. 2. Boundary markers: No explicit delimiters are used for filename inputs. 3. Capability inventory: The skill has access to shell execution via subprocess calls. 4. Sanitization: The instructions mitigate risks by explicitly requiring the agent to quote variables representing user input.
- [SAFE]: No malicious patterns, such as data exfiltration or persistence mechanisms, were detected. The skill uses standard system tools for their intended purposes.
Audit Metadata