youtube-fetcher
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script executes the
yt-dlpbinary usingsubprocess.run. The command is constructed using a strictly validated video ID, which is checked against a regular expression ([a-zA-Z0-9_-]{11}) to prevent any shell or command injection. - [EXTERNAL_DOWNLOADS]: The skill fetches data from YouTube via official oEmbed endpoints and the
yt-dlputility. It relies on standard, well-known Python packages includingyoutube-transcript-apiandrequests. - [PROMPT_INJECTION]: The skill has an architectural surface for indirect prompt injection as it processes untrusted text from YouTube descriptions and transcripts.
- Ingestion points: Video content is retrieved in
scripts/fetch_transcript.py. - Boundary markers: The generated Markdown uses standard headers but does not include explicit protective delimiters to prevent the agent from following instructions embedded in the video content.
- Capability inventory: The skill has permissions to write files to
~/yt_transcripts/and execute subprocesses. - Sanitization: The script performs YAML and Markdown escaping for structural integrity, though it does not filter for natural language instructions.
- [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill only saves fetched video data to a local directory defined by the user.
Audit Metadata