yt-brief
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION]: The skill contains potentially misleading metadata regarding its origin and authorship.
- Evidence: The internal metadata identifies the author as 'Claude Code Plugins' (plugins@claudecodeplugins.io), which conflicts with the provided author context 'jeremylongshore'. This discrepancy could mislead users or agents regarding the skill's official status or trustworthiness.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted external content.
- Ingestion points: The skill reads data from a local file named `validated_ideas.json` and performs external information gathering using the `WebSearch` tool.
- Boundary markers: There are no instructions or delimiters provided to help the agent distinguish between its core instructions and potentially malicious commands embedded in the ingested data.
- Capability inventory: The skill has access to `WebSearch`, `Read`, and `Write` tools, allowing it to retrieve information and modify files based on processed input.
- Sanitization: The instructions do not define any validation, filtering, or sanitization steps for content retrieved from external sources before it is incorporated into the agent's context.