Skills
skills/zeropointrepo/youtube-skills/video-transcript/Gen Agent Trust Hub

video-transcript

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Persistence Mechanisms (HIGH): The setup documentation indicates that the authentication script (scripts/tapi-auth.js) saves the API key directly to the user's shell profile (e.g., .bashrc or .zshrc). Modifying shell configuration files is a high-risk persistence mechanism that can be used to execute arbitrary commands or modify the environment across sessions.
  • Indirect Prompt Injection (LOW): The skill's primary function is to ingest transcript data from external YouTube videos. This data is untrusted and can contain malicious instructions designed to hijack the agent's behavior.
  • Ingestion points: The transcript field in the response from https://transcriptapi.com/api/v2/youtube/transcript.
  • Boundary markers: Absent; the skill does not suggest using delimiters or instructions to ignore embedded commands in the transcript.
  • Capability inventory: The agent has the ability to execute network requests via curl and local scripts via node.
  • Sanitization: None; the documentation suggests summarizing or quoting the raw transcript text directly.
  • Command Execution (MEDIUM): The skill relies on executing local Node.js scripts (scripts/tapi-auth.js) for registration and verification. While these scripts are part of the skill package, they perform sensitive operations like environment modification.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:09 PM