yt-research
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted data scraped from YouTube which could contain malicious instructions designed to influence the agent's analysis or output.
- Ingestion points: Video metadata including titles, descriptions, and tags are collected via Apify actors as described in
SKILL.md(Step 2) andreferences/youtube-scraping-guide.md. - Boundary markers: No explicit delimiters (e.g., XML tags or clear separators) or 'ignore embedded instructions' directives are specified for the
channel-analyzersub-agents when they receive scraped data. - Capability inventory: The skill has file-writing capabilities (creating
niche-analysis.jsonandniche-report.md) and access to theWebSearchtool, which could be misused if an injection is successful. - Sanitization: There is no evidence of filtering or sanitizing the external data before it is passed to analysis prompts.
Audit Metadata