The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it is designed to ingest and analyze untrusted external data in the form of YouTube transcripts.
Ingestion points: Data enters the agent context via the scripts/fetch_transcript.py script or through manual user pastes as described in SKILL.md.
Boundary markers: The instructions fail to provide clear delimiters or specific 'ignore embedded instructions' warnings to prevent the agent from following commands potentially hidden within the transcript text.
Capability inventory: The skill possesses the capability to execute a Python script (scripts/fetch_transcript.py) which performs network operations to fetch transcripts and has file-write capabilities if the --output argument is used.
Sanitization: There is no evidence of content sanitization or validation to filter out potential prompt injection attacks from the transcript data.
[PROMPT_INJECTION]: Metadata discrepancy detected. The provided author context identifies the creator as 'manojbajaj95', whereas the plugin.json file lists the author as 'Ship Shit Dev'. While this does not pose a direct functional risk, it is a deceptive metadata inconsistency.
[COMMAND_EXECUTION]: The skill includes and utilizes a local Python script, scripts/fetch_transcript.py, to programmatically fetch data from YouTube. This involves the execution of code to interact with external web resources, which is the primary intended functionality.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'youtube-transcript-api' Python package to function, which is a common third-party library for fetching video transcripts.

youtube-video-analyst