video-recap

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The orchestrator invokes local scripts (e.g., understand.py, cut.py, voiceover.py) and system tools (ffmpeg, ffprobe) via subprocess.run. These executions are performed using list-based arguments, which is the recommended practice to prevent command injection vulnerabilities.\n- [EXTERNAL_DOWNLOADS]: The skill makes legitimate API requests to Xiaomi's MiMo platform (xiaomimimo.com) for ASR, VLM, and TTS capabilities. These external communications are restricted to well-known service endpoints required for the skill's primary functions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 01:55 AM
Security Audit — agent-trust-hub — video-recap