Skills
skills/michailbul/laniameda-skills/youtube-digest/Gen Agent Trust Hub

youtube-digest

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted content from external sources.
  • Ingestion points: YouTube video descriptions, transcripts (via Supadata), and arbitrary URLs discovered in descriptions and fetched via web_fetch (SKILL.md).
  • Boundary markers: Absent. There are no instructions or delimiters provided to the agent to distinguish between the skill's instructions and potentially malicious content within the fetched data.
  • Capability inventory: File system write access (~/work/laniameda/...), shell command execution (curl, git), and network access (SKILL.md).
  • Sanitization: Absent. The skill is explicitly instructed to extract 'exact prompts', 'code snippets', and 'command examples' directly into the knowledge base without validation.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for data retrieval and self-maintenance.
  • Evidence: Uses curl to interact with the api.supadata.ai service using an environment variable $SUPADATA_API_KEY (SKILL.md).
  • Evidence: Instructs the agent to perform a git commit to update the skill's own content when new tools or workflows are discovered (Step 7).
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to an external API to fulfill its primary purpose.
  • Endpoint: https://api.supadata.ai/v1/youtube/
  • Purpose: Fetches video transcripts and metadata. This is a legitimate functional dependency of the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 11:41 AM