Skills
skills/ericmjl/skills/youtube/Gen Agent Trust Hub

youtube

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the execution of shell commands including uvx, yt-dlp, sed, awk, and jq. These commands are used to manage downloads and process text files, involving write operations to user directories such as ~/Downloads, ~/Music, and specific synchronization folders.
  • [EXTERNAL_DOWNLOADS]: The skill uses uvx to dynamically fetch and execute the yt-dlp package from the Python Package Index (PyPI) at runtime.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection through its processing of external data.
  • Ingestion points: Video metadata (JSON format), titles, descriptions, and transcript files (.srt, .vtt) retrieved from YouTube.
  • Boundary markers: Absent; the skill does not implement delimiters or specific instructions to the agent to ignore embedded instructions in the downloaded content.
  • Capability inventory: Shell subprocess execution, file system writes across multiple user-home subdirectories, and network access to YouTube services.
  • Sanitization: Absent; while the skill uses sed to remove timestamps from transcripts, it does not perform sanitization or validation of the text content against malicious instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 06:33 PM