youtube-collector
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes local Python scripts for processing YouTube data and managing the local environment. These scripts perform standard file operations and API calls.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill requires the installation of well-known and reputable Python packages including google-api-python-client, youtube-transcript-api, and pyyaml via standard package managers.
- [CREDENTIALS_UNSAFE] (SAFE): The skill implements a setup script (setup_api_key.py) that stores YouTube Data API keys in a standardized, local configuration directory (~/.config/youtube-collector/) rather than within the project files, reducing the risk of accidental credential leakage.
- [PROMPT_INJECTION] (LOW): Susceptibility to Indirect Prompt Injection.
- Ingestion points: External video metadata and transcripts are ingested via scripts/collect_videos.py and stored in YAML files within the .reference/ directory.
- Boundary markers: Data is stored in structured YAML format, providing some separation; however, the skill lacks explicit instructions for the AI to ignore embedded commands within these fields.
- Capability inventory: The skill has the capability to execute local scripts and perform file I/O operations.
- Sanitization: No sanitization or filtering is applied to the retrieved YouTube text content before the AI processes it for summarization, so potentially malicious instructions in transcripts can influence agent behavior.
Audit Metadata