transcribing-youtube
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script genInfoNugget.sh executes several system utilities including yt-dlp, jq, awk, sed, and find. These tools are used to retrieve video metadata and perform text processing to remove redundancy from subtitles.
- [EXTERNAL_DOWNLOADS]: The skill uses yt-dlp to fetch subtitles and metadata files directly from YouTube. Because YouTube is a well-known service and the downloads are limited to data related to the requested video, this is considered safe functionality.
- [PROMPT_INJECTION]: The skill processes untrusted subtitle data from YouTube, which presents an indirect prompt injection surface.
  - Ingestion points: Subtitle data is fetched from YouTube into local files via yt-dlp in scripts/genInfoNugget.sh.
  - Boundary markers: The resulting Markdown files do not include specific delimiters or warnings to prevent an agent from interpreting text within the subtitles as instructions.
  - Capability inventory: The skill possesses file-write capabilities and executes several subprocesses for data transformation.
  - Sanitization: While the script sanitizes output filenames and applies deduplication logic to the text, it does not perform safety filtering on the subtitle content itself.
Audit Metadata