youtube-video-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to ingest and analyze YouTube transcripts, which are untrusted external data sources.
- Ingestion points: Transcripts are retrieved via the `scripts/fetch_transcript.py` script or can be manually pasted by the user into the chat context.
- Boundary markers: Absent. The skill instructions (SKILL.md) do not include delimiters or specific system instructions to the agent to ignore any command-like text contained within the transcripts.
- Capability inventory: While the skill focuses on content analysis, an attacker could potentially use a malicious transcript to hijack the agent's broader capabilities, such as file system operations or network access, depending on the host environment.
- Sanitization: Absent. The skill does not perform any filtering or sanitization on the transcript text before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill relies on an external Python dependency for its core functionality.
- Dependency: `youtube-transcript-api` is required for the `scripts/fetch_transcript.py` script to function.
- Context: This is a well-known and standard library used for accessing YouTube's transcript features without requiring an official API key.