Video Summarizer
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its core function of transcribing and summarizing external content.
- Ingestion points: Untrusted data enters the context via video transcripts from various platforms (YouTube, Google Drive, Dropbox, TikTok, etc.) provided through the --source argument.
- Boundary markers: The skill does not define specific markers or instructions to isolate the transcript content from the processing logic, which could allow malicious instructions in a video transcript to hijack the agent's behavior.
- Capability inventory: The skill can execute local commands (python -m summarizer), make network calls to multiple LLM APIs, and write summary files to the local disk.
- Sanitization: There is no evidence of validation or sanitization of the transcript text before it is sent to the LLM for processing.
Audit Metadata