youtube-automation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Connects to an external MCP server endpoint at
https://rube.app/mcp. This is the documented and expected infrastructure for the Rube MCP service used by this skill. - [SAFE]: The skill processes untrusted external data from YouTube, such as search results (
YOUTUBE_SEARCH_YOU_TUBE) and user comments (YOUTUBE_LIST_COMMENT_THREADS). This represents a surface for indirect prompt injection. The skill has significant write capabilities (e.g., uploading videos, subscribing to channels). No specific boundary markers or sanitization steps are defined for incoming data in the instructions. However, no malicious patterns were identified in the skill's own code or logic.
Audit Metadata