Skills
skills/openclaudia/openclaudia-skills/youtube-analytics/Gen Agent Trust Hub

youtube-analytics

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [Data Exposure] (MEDIUM): The skill instructions involve reading the YOUTUBE_API_KEY from ~/.claude/.env.global. Access to files in the .env family is a high-severity finding (Category 2). However, because this is the primary method for the skill to function and uses a standard configuration path for the environment, the severity is reduced to MEDIUM.
  • [Command Execution] (LOW): The skill executes curl commands to fetch data from https://www.googleapis.com/youtube/v3. This is standard behavior for an API-integrated tool and targets a trusted domain.
  • [Indirect Prompt Injection] (LOW): The skill processes untrusted data (video titles, descriptions, and comments) from the YouTube API. Evidence Chain: 1. Ingestion points: YouTube API responses parsed as JSON. 2. Boundary markers: Absent; there are no instructions to the agent to treat external strings as untrusted or to use delimiters. 3. Capability inventory: Subprocess execution via curl. 4. Sanitization: Absent; no filtering or escaping of the ingested strings is specified.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:09 PM