youtube-transcript
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection because it ingests untrusted data from an external source (YouTube transcripts).
- Ingestion points: executable_transcript.js fetches transcript text via the youtube-transcript-plus library.
- Boundary markers: Absent. The script outputs raw transcript text without delimiters or instructions for the agent to ignore embedded commands.
- Capability inventory: The script is limited to network fetch and console output; it does not have file-write or shell execution capabilities.
- Sanitization: Absent. The transcript content is not sanitized or escaped before being presented to the agent.
Audit Metadata