watch
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the yt-dlp utility to fetch video metadata and captions. These subprocess calls are performed using Bun's shell which handles argument escaping, mitigating basic command injection risks.
- [COMMAND_EXECUTION]: Browser automation is achieved by publishing commands to an MQTT broker using mosquitto_pub. This allows the skill to programmatically open Gemini tabs and submit transcription prompts.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by ingesting untrusted transcript data from YouTube videos.
  1. Ingestion points: YouTube captions are fetched via get-cc.ts and transcripts are generated by Gemini from external video content.
  2. Boundary markers: Content is delimited in Markdown learning files, although there are no specific 'ignore embedded instructions' warnings for the agent during the knowledge indexing phase.
  3. Capability inventory: The skill can execute shell commands (yt-dlp, mosquitto), perform filesystem writes (save-learning.ts), and interact with the Gemini web interface.
  4. Sanitization: Transcript content is saved and indexed without explicit filtering or sanitization to remove potentially malicious instructions embedded in the video content.
Audit Metadata