yt-ideation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Security Assessment (SAFE): The skill consists of procedural instructions and strategic documentation for content creation. No malicious logic, obfuscation, or high-risk command execution was identified.
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from the
WebSearchtool and external research files (niche-analysis.json,niche-report.md). This creates a surface for indirect prompt injection where web content could attempt to influence the agent's output. However, the risk is classified as LOW as the skill lacks sensitive capabilities (like file system write or shell execution) that could be exploited via this vector. - Data Exfiltration (SAFE): The skill does not access sensitive local paths (e.g., SSH keys, cloud credentials) and does not perform unauthorized network requests.
- Dependency Analysis (SAFE): The skill does not declare or install any external Python or Node.js dependencies at runtime.
Audit Metadata