solo-index-youtube
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill indexes untrusted transcripts from YouTube videos, creating a potential vector for indirect instructions. * Ingestion points: YouTube video transcripts and channels.yaml. * Boundary markers: Absent in the execution scripts. * Capability inventory: Uses Bash tool to execute uv run and make commands. * Sanitization: No sanitization of transcript text is implemented.
- Command Execution (SAFE): The skill uses Bash to run local commands for environment checks and indexing operations. All paths are local and intended for developer productivity.
Audit Metadata