youtube-feed
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill requires the agent to run a local script `get_updates.py` using `python3`. As the script source is not provided, its behavior is unverifiable and could potentially execute arbitrary commands on the host system.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted metadata from YouTube feeds.
  1. Ingestion points: YouTube video titles and descriptions fetched via scripts.
  2. Boundary markers: None; the agent is not instructed to treat description content as untrusted data.
  3. Capability inventory: The skill can execute shell commands and trigger other skills.
  4. Sanitization: No sanitization or escaping of the fetched content is specified before processing.
- DATA_EXPOSURE (LOW): The skill definition reveals an absolute local file path (`/Users/ugreen/.claude/skills/`), which exposes the host system's username and directory structure.
- EXTERNAL_DOWNLOADS (LOW): The skill references an external data library (`zara.faces.site`) and recommends third-party online tools for identifying YouTube channel IDs.
Audit Metadata