youtube-transcript
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill fetches external content from YouTube transcripts that could contain instructions designed to hijack the agent. * Ingestion point: transcript.js (line 25). * Boundary markers: Absent; data is printed directly to stdout. * Capability inventory: Limited to console output, but influences agent reasoning. * Sanitization: None.
- External Downloads (MEDIUM): The skill installs the
youtube-transcript-pluspackage from npm, which is not in the trusted source list.
Audit Metadata