The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection by processing untrusted data from YouTube while having broad write permissions. * Ingestion points: Untrusted data enters the agent context via YOUTUBE_LIST_COMMENT_THREADS and YOUTUBE_SEARCH_YOU_TUBE (SKILL.md). * Boundary markers: There are no delimiters or instructions provided to ignore embedded commands within the fetched YouTube content. * Capability inventory: The skill includes powerful write tools such as YOUTUBE_UPLOAD_VIDEO, YOUTUBE_UPDATE_VIDEO, YOUTUBE_CREATE_PLAYLIST, and YOUTUBE_SUBSCRIBE_CHANNEL. * Sanitization: No evidence of data sanitization or validation before processing external content exists.
External Downloads (LOW): The skill directs the user to add an external MCP server from https://rube.app/mcp (SKILL.md). While this is the intended setup for the skill, the source is not on the predefined list of trusted external repositories.

youtube-automation