Skills
skills/browser-act/skills/youtube-transcript-analysis-api-skill/Gen Agent Trust Hub

youtube-transcript-analysis-api-skill

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a Python script scripts/youtube_transcript_analysis_api.py to interact with the BrowserAct API for transcript extraction.
  • [PROMPT_INJECTION]: There is a potential for indirect prompt injection through external data processing.
  • Ingestion points: Untrusted transcript data is retrieved from YouTube via the BrowserAct API and provided to the agent for analysis in SKILL.md.
  • Boundary markers: No explicit delimiters (e.g., XML tags or block markers) are used in the instructions to isolate the transcript content from the analysis prompts.
  • Capability inventory: The agent has access to the Python binary and standard file system tools.
  • Sanitization: No sanitization or filtering of the transcript text is performed prior to the analysis phase.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 10:45 AM