YouTube Automation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data which creates a surface for indirect prompt injection.
- Ingestion points: The
youtube_commentstool retrieves user-generated content from external YouTube sources. - Boundary markers: The skill configuration does not define explicit delimiters or security instructions to prevent the agent from executing commands embedded within comment text.
- Capability inventory: The agent possesses write-access tools including
youtube_upload,youtube_update, andyoutube_comments(for replying), allowing potential interactions based on injected content. - Sanitization: No sanitization, filtering, or validation logic is specified for processing incoming comment data.
- [NO_CODE]: The skill consists entirely of metadata, workflow descriptions, and configuration parameters without any accompanying scripts or executable code.
Audit Metadata