yt-brief
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill exhibits an attack surface for indirect prompt injection by processing untrusted data from external and internal sources.\n- Ingestion points: Data enters the agent context through
WebSearch(Step 1), thevalidated_ideas.jsonfile (Before You Start), and direct user input.\n- Boundary markers: Absent. The instructions do not define delimiters or provide 'ignore embedded instructions' warnings for the data being processed.\n- Capability inventory: The skill utilizesWebSearchand possesses file-write capabilities (video-brief-{slug}.md).\n- Sanitization: There is no evidence of sanitization, escaping, or schema validation for the data ingested from the web or local files.
Audit Metadata