youtube-summarizer
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'youtube-transcript-api' Python package via pip. This is a standard and reputable library for accessing YouTube transcript data.
- [COMMAND_EXECUTION]: The skill executes shell scripts to check for system dependencies, install required packages, and run local Python scripts for transcript extraction. It also performs file system operations by writing transcript data to the /tmp directory.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external, untrusted content from YouTube transcripts. Malicious instructions embedded in a video's captions could potentially influence the behavior of the AI agent during the summarization process.
- Ingestion points: YouTube transcripts are retrieved via an external API and loaded into the processing context in SKILL.md and scripts/extract-transcript.py.
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the fetched transcript data.
- Capability inventory: The skill has the ability to write files to the local disk and execute command-line tools.
- Sanitization: The transcript text is not sanitized or escaped before being passed to the AI model for analysis.
Audit Metadata