Skills
AGENT LAB: SKILLS
skills/sickn33/antigravity-awesome-skills/youtube-summarizer/Gen Agent Trust Hub

youtube-summarizer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection as it ingests and processes untrusted YouTube transcripts.
  • Ingestion points: Untrusted transcript text enters the agent context through scripts/extract-transcript.py.
  • Boundary markers: There are no visible delimiters or safety instructions in the provided scripts to prevent the LLM from obeying instructions embedded in the transcripts.
  • Capability inventory: The extract-transcript.py script utilizes the youtube-transcript-api for network data retrieval.
  • Sanitization: No text sanitization or filtering is performed on the extracted transcripts.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill installs a required third-party Python package from an external registry.
  • Evidence: scripts/install-dependencies.sh uses pip to install youtube-transcript-api.
  • Context: The package is well-known and essential for the skill's primary function, but represents a standard external dependency risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:06 PM