media-hub
Warn
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The files media_hub.py, tts.py, and video_understanding.py extensively use subprocess.run to invoke ffmpeg and ffprobe. While these use list-based arguments, they process paths and metadata from user-provided media files, which can lead to command-line argument injection if file names are not properly sanitized.
- [REMOTE_CODE_EXECUTION]: In media_hub.py, the _get_media_info_ffprobe method uses eval() to convert the r_frame_rate string from ffprobe output into a float. This represents a potential remote code execution vector if a malicious media file can cause ffprobe to output an executable string.
- [EXTERNAL_DOWNLOADS]: The video_understanding.py script implements functionality to download media from arbitrary URLs and the Feishu (Lark) API, which could be used to fetch malicious payloads into the local environment.
- [PROMPT_INJECTION]: The skill processes untrusted media to generate transcripts and summaries. This creates an indirect prompt injection surface where audio or video content containing instructions could manipulate the agent's subsequent analysis or actions.