youtube-chapter-clipper
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependencies (MEDIUM): The skill references a local script `scripts/smart_edit.py` which is not provided for inspection. This script is intended to handle core logic including chaptering and execution. Furthermore, the skill instructions recommend installing system binaries (`yt-dlp`, `ffmpeg`) using `brew install`, which constitutes system-level changes outside the agent's restricted environment.
- Indirect Prompt Injection (LOW): The skill possesses a clear attack surface for indirect prompt injection.
  - Ingestion points: The agent is instructed to read and perform 'AI analysis' on the full content of external `.vtt` subtitle files downloaded from YouTube (Step 5).
  - Boundary markers: There are no instructions to use delimiters or warnings to ignore embedded instructions within the subtitle text.
  - Capability inventory: The agent has the capability to execute shell commands (`ffmpeg`, `yt-dlp`, `python`) and write to the filesystem.
  - Sanitization: While basic filename sanitization is mentioned for outputs, no sanitization or safety filtering is applied to the subtitle content before it is processed by the LLM.
- Command Execution (LOW): The skill relies heavily on executing shell commands with user-provided or externally sourced inputs (YouTube URLs, file paths). While it suggests some safety measures (replacing spaces with underscores), complex command interpolation still carries inherent risks.
Audit Metadata