Skills
skills/zeropointrepo/youtube-skills/youtube-full/Gen Agent Trust Hub

youtube-full

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Persistence Mechanisms (HIGH): The skill documentation indicates that the setup script tapi-auth.js saves the API key to the user's shell profile. Modifying startup files like .bashrc or .zshrc is a persistent behavior that can be used for malicious access.
  • Indirect Prompt Injection (LOW): The skill fetches video transcripts and metadata from YouTube which are untrusted external sources.
  • Ingestion points: YouTube transcript and metadata retrieved via curl from transcriptapi.com.
  • Boundary markers: None mentioned; external data is likely interpolated directly into the agent context.
  • Capability inventory: Ability to execute Node.js scripts and network requests via curl.
  • Sanitization: No sanitization or filtering of external content is specified.
  • Command Execution (MEDIUM): The skill invokes local Node.js scripts (tapi-auth.js) during the registration and verification phases. The actual source of these scripts is not provided for analysis, hiding the specific logic used to modify system files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 05:22 PM