yt-packaging
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The instructions are focused on YouTube marketing strategy and do not contain any attempts to subvert the AI agent's core instructions or safety filters.
- [DATA_EXFILTRATION] (SAFE): There is no access to sensitive local data. The use of WebSearch is restricted to its primary function of market research.
- [REMOTE_CODE_EXECUTION] (SAFE): No external dependencies or remote scripts are downloaded or executed.
- [Indirect Prompt Injection] (SAFE): The skill processes user-supplied video briefs. This ingestion surface is well-defined and does not lead to any dangerous code execution or privilege escalation. Evidence Chain: (1) Ingestion points: video-brief-{slug}.md; (2) Boundary markers: Absent; (3) Capability inventory: WebSearch, local file writing; (4) Sanitization: Absent.
Audit Metadata