youtube-transcript-extract

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx -y yt-subs, which triggers a download of the yt-subs package from the npm registry.
  • [REMOTE_CODE_EXECUTION]: The package downloaded from npm is executed locally to perform the transcript extraction.
  • [COMMAND_EXECUTION]: The skill invokes shell commands to run npx and save the transcript data to the filesystem.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing untrusted data from YouTube videos.
      • Ingestion points: Content is retrieved from YouTube titles, descriptions, and subtitles via the yt-subs tool.
      • Boundary markers: No delimiters or safety instructions are used to isolate the external content in the output file yt-subs.md.
      • Capability inventory: The environment allows shell command execution and file writing.
      • Sanitization: There is no evidence of filtering or escaping logic for the retrieved YouTube data before it is presented to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 07:45 AM