Skills
skills/aaaaqwq/agi-super-skills/youtube-automation/Gen Agent Trust Hub

youtube-automation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an external MCP server endpoint at https://rube.app/mcp. This is the documented endpoint for the Rube (Composio) toolkit and is required for the skill's functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to the processing of untrusted external content alongside high-capability tools.
  • Ingestion points: The agent retrieves user-generated content from YouTube using tools like YOUTUBE_SEARCH_YOU_TUBE and YOUTUBE_LIST_COMMENT_THREADS as specified in SKILL.md.
  • Boundary markers: There are no instructions or delimiters in the prompt to ensure the agent ignores instructions embedded within the fetched YouTube metadata.
  • Capability inventory: The skill grants the agent tools with account-level impact, such as YOUTUBE_UPLOAD_VIDEO, YOUTUBE_UPDATE_VIDEO, and YOUTUBE_CREATE_PLAYLIST.
  • Sanitization: No sanitization or validation of the external content is described before it is processed by the agent.
  • [NO_CODE]: This skill consists entirely of markdown documentation and instructions for using an external MCP server, with no local scripts or executables provided.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:57 AM