yt-transcript
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses industry-standard libraries (yt-dlp and openai-whisper) to perform its core functions. The script implements robust error handling, uses absolute paths for file operations, and employs atomic file writing via tempfile and os.replace to prevent file corruption or unexpected side effects.
- [EXTERNAL_DOWNLOADS]: The skill instructions provide standard installation commands for well-known and trusted Python packages (yt-dlp and openai-whisper). These dependencies are routine for the skill's stated purpose of video processing and transcription.
- [COMMAND_EXECUTION]: The script is designed to be invoked via command line. It uses standard argument parsing (argparse) to safely handle user-provided URLs and file paths. The documentation correctly instructs the agent to use absolute paths and quote all arguments, mitigating command injection risks.
- [INDIRECT_PROMPT_INJECTION]: (Vulnerability surface only) The skill processes untrusted metadata and transcript text from YouTube.
- Ingestion points: Video title, channel name, and transcript content are retrieved from YouTube via yt-dlp.
- Boundary markers: The output is structured as a Markdown document with clear headers, although it does not include explicit 'ignore embedded instructions' warnings for downstream agents.
- Capability inventory: The skill has file-write capabilities (saving transcripts) and network-read capabilities (fetching from YouTube).
- Sanitization: The script cleans transcript text by stripping HTML tags and uses ASCII normalization and slugification for generated filenames to prevent path manipulation. This is considered standard and safe for this application.
Audit Metadata