youtube-transcript

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external YouTube transcripts without sanitizing it for malicious instructions.
    • Ingestion points: Transcripts are fetched from external YouTube videos in scripts/extract.py.
    • Boundary markers: Absent; the retrieved transcript text is printed directly into the agent's context without delimiters or warnings.
    • Capability inventory: The skill is configured with shell tool access in SKILL.md.
    • Sanitization: The script cleans VTT subtitle markup but does not filter the text content for potential embedded instructions.
  • [EXTERNAL_DOWNLOADS]: The implementation script uses uvx to dynamically download and execute the yt-dlp package from the Python Package Index (PyPI). This is a well-known and legitimate tool for processing video metadata and subtitles.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 04:39 PM