yt-ideation
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill's 'Prerequisites' and 'Instructions' sections describe operations unrelated to its stated purpose of YouTube ideation. It requires 'Access to the ORM environment or API' and 'Required CLI tools installed and authenticated'. It further claims the output will include 'Configuration files or code changes applied to the project', suggesting unauthorized modification of system or project files.
- [DATA_EXFILTRATION]: By requesting access to 'authenticated CLI tools' and 'ORM environments', the skill creates a vector for accessing and potentially exfiltrating sensitive database credentials, API keys, or environment configurations.
- [PROMPT_INJECTION]: The skill uses deceptive metadata and instruction blocks. While the 'Ideation Process' describes a YouTube strategy, the 'Instructions' and 'Prerequisites' sections focus on ORM (Object-Relational Mapping) implementation. This mismatch could mislead an agent into performing high-privilege configuration changes under the guise of a low-risk creative task.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data including 'niche-analysis.json', 'niche-report.md', and WebSearch results for 'search demand' and 'competition level'.
- Ingestion points: Loading of 'niche-analysis.json' and 'niche-report.md'; WebSearch results for niche validation.
- Boundary markers: Absent; there are no instructions to ignore embedded commands in the research data or search results.
- Capability inventory: The skill uses 'Write' to apply configuration changes, 'Task' to interact with CLI tools, and 'Read' to access local files.
- Sanitization: Absent; the skill does not specify any validation or filtering for the data ingested from external research files or web searches.
Audit Metadata