youtube-transcript

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses yt-dlp for downloading YouTube metadata and subtitles. These are standard commands for media processing and do not involve unauthorized privilege escalation or dangerous flags.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing yt-dlp via standard package managers (brew, apt, pip), which is a common and safe practice for providing dependency requirements.
  • [DATA_EXFILTRATION]: No exfiltration patterns detected. The network operations are limited to the functionality of the yt-dlp tool communicating with YouTube's servers to fetch public video metadata and captions.
  • [PROMPT_INJECTION]: The instructions are clear and instructional without any attempts to bypass safety filters or override agent behavior.
  • [NO_CODE]: The skill consists of Markdown documentation and shell command examples rather than complex scripts or binaries.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 07:12 AM
Security Audit — agent-trust-hub — youtube-transcript