youtube-video-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its core function of processing untrusted external content.
- Ingestion points: Transcripts from YouTube videos are ingested into the agent's context through both an automated script (
fetch_transcript.py) and manual user input. - Boundary markers: The skill instructions lack explicit delimiters or specific directives for the agent to ignore any commands or instructions found within the transcript data, which could lead to the agent following malicious instructions embedded in a video's text.
- Capability inventory: The skill possesses the capability to execute a local Python script and suggests integration with other skills like 'content-creator', creating an attack surface where injected instructions could trigger downstream actions.
- Sanitization: No sanitization, filtering, or validation is performed on the transcript text before it is analyzed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of an external Python package.
- The
scripts/fetch_transcript.pyscript relies on theyoutube-transcript-apilibrary. While this is a well-known and widely used community library for this purpose, it is an external dependency not managed within the skill's own code.
Audit Metadata