youtube-harvester
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Remote Code Execution (HIGH): Automated scanners detected an untrusted remote code execution pattern involving the
transcript.fetch()method. The scanner indicates that data downloaded from this external source is passed to a subprocess for execution, which could allow an attacker to run arbitrary commands on the system by controlling the external data source. - External Downloads (LOW): The skill performs network operations to fetch data from external APIs, which is a common but noteworthy behavior for data-ingesting skills.
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection by ingesting untrusted external text.
- Ingestion points: Untrusted data enters the agent context via the
transcript.fetch()call. - Boundary markers: No explicit boundary markers or 'ignore' instructions are visible in the provided code snippet.
- Capability inventory: Automated scans flag subprocess execution capabilities.
- Sanitization: No sanitization or validation of the fetched transcript data is present in the analyzed segment.
Recommendations
- HIGH: Downloads and executes remote code from: unknown (check file) - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata