yt-outline
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a structured workflow for generating YouTube production documentation. It operates within the scope of its declared tools (
WebSearch,Read,Write) to research topics and manage local markdown files. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill accesses local files such as
video-brief-yt-outline.mdandpackaging-yt-outline.mdto inform the content of the video outline. It saves outputs to the working directory. No unauthorized data exfiltration or credential harvesting patterns were detected. - [INDIRECT_PROMPT_INJECTION]: The skill processes external data (web search results and local project briefs). While this technically creates a surface for indirect prompt injection—where malicious instructions in a video brief could attempt to influence the agent's behavior—the skill's logic is constrained to generating structured text, and no high-risk capabilities (like arbitrary code execution) are linked to the processed data.
- [REMOTE_CODE_EXECUTION]: The documentation mentions prerequisites such as 'CLI tools installed' and 'API access,' but the skill itself does not provide or execute any code to install software or interact with remote APIs beyond the standard platform-provided
WebSearchtool.
Audit Metadata