youtube-api
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [Persistence Mechanisms] (HIGH): The skill's setup instructions require running a script that modifies the user's shell profile to store API keys. Modifying shell configuration files (like .bashrc or .zshrc) is a persistence technique that can be misused to maintain access or execute code on shell startup.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted YouTube transcripts and metadata. Evidence: (1) Ingestion points: API responses from transcriptapi.com; (2) Boundary markers: Not present; (3) Capability inventory: Shell command execution via curl and node; (4) Sanitization: No sanitization of transcript content before processing.
- [External Downloads] (LOW): The skill makes requests to transcriptapi.com, an untrusted external domain, to fetch data and handle authentication.
Recommendations
- AI detected serious security threats
Audit Metadata