The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The script scripts/fetch_youtube_subtitles.sh attempts to install the yt-dlp package using pip at runtime if it is not already present on the system. While yt-dlp is a well-known tool, runtime package installation from external registries introduces unverified code into the environment.
[REMOTE_CODE_EXECUTION]: By installing and then executing the yt-dlp tool within a shell script, the skill performs remote code execution. The execution involves passing user-provided URLs to a shell command, which is a potential vector for injection.
[COMMAND_EXECUTION]: The skill relies on executing local shell and Python scripts (fetch_youtube_subtitles.sh, analyze_titles.py, retention_curve_checker.py, thumbnail_audit.py) which interact with the file system and external processes.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It is designed to ingest and analyze YouTube subtitles, which are untrusted external data sources. Ingestion points: scripts/fetch_youtube_subtitles.sh fetches subtitles from external YouTube URLs. Boundary markers: The scripts do not implement delimiters or instructions to the LLM to ignore potentially malicious instructions embedded in the subtitle text. Capability inventory: The skill has the capability to execute shell commands and write files through its provided scripts. Sanitization: There is no evidence of sanitization or filtering of the subtitle content before it is processed by the agent.

mrbeast-perspective