youtube-render-pdf
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to perform several operations using system-level tools. This includes the use of image processing utilities like ImageMagick (`magick montage`) and the invocation of a LaTeX compiler (e.g., `pdflatex` or `xelatex`) to produce the final PDF deliverable from the generated `.tex` source.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted data from an external source and interpolates it into a document that is later compiled.
  - Ingestion points: The skill fetches video titles, chapter metadata, and subtitle tracks from YouTube (SKILL.md).
  - Boundary markers: There are no explicit instructions or delimiters used to separate the ingested subtitle content from the document structure, nor are there instructions to treat the data as potentially malicious.
  - Capability inventory: The agent has the capability to write files and execute command-line tools for document generation and media processing.
  - Sanitization: The instructions do not specify any sanitization or escaping of LaTeX special characters or commands within the ingested subtitles, which could allow a maliciously crafted video track to influence the document compilation process.
- [EXTERNAL_DOWNLOADS]: The skill fetches video metadata, high-resolution thumbnails, and subtitle files from YouTube. As YouTube is a well-known service and these downloads are essential to the primary function of the skill, these operations are standard.
Audit Metadata