Skills
skills/eat-pray-ai/yutu/youtube-caption/Gen Agent Trust Hub

youtube-caption

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the yutu command-line utility to perform caption management tasks on YouTube. Operations such as yutu caption list, yutu caption download, and yutu caption delete are defined with their respective flags across the skill's reference documentation.
  • [EXTERNAL_DOWNLOADS]: Setup instructions in references/setup.md direct users to install the yutu tool from authoritative sources including the author's npm package (@eat-pray-ai/yutu) and GitHub repository (github.com/eat-pray-ai/yutu).
  • [PROMPT_INJECTION]: The skill maintains an attack surface for indirect prompt injection because it ingests external caption data from YouTube videos. 1. Ingestion points: yutu caption list and yutu caption download (references/caption-list.md, references/caption-download.md). 2. Boundary markers: The prompt instructions do not specify delimiters or warnings to ignore embedded instructions in the caption content. 3. Capability inventory: The agent can perform file system writes (download), caption deletion (delete), and metadata updates (update). 4. Sanitization: No sanitization of retrieved caption data is defined in the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 08:21 PM