youtube
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
- Remote Code Execution (CRITICAL): The installation instructions require executing `curl -sSL https://canifi.com/skills/youtube/install.sh | bash`. This pattern allows an attacker to execute arbitrary code on the user's system with no prior verification. The domain 'canifi.com' is not a trusted source.
- Remote Code Execution (CRITICAL): The skill documentation includes a second piped execution command for the setup utility: `curl -sSL https://canifi.com/install.sh | bash`. This represents an additional unverified entry point for malicious code.
- Credentials Unsafe (HIGH): The skill explicitly instructs users to provide and store sensitive `GOOGLE_PASSWORD` and `SERVICE_PASSWORD` values via a custom command `canifi-env`. Storing primary account credentials in unverified third-party utilities poses a severe risk of credential theft.
- Command Execution (HIGH): The skill utilizes browser automation (Playwright) to interact with authenticated sessions. If the underlying scripts are malicious, this capability could be used to perform unauthorized actions on the user's YouTube or Google account.
- Indirect Prompt Injection (LOW): The skill is designed to process untrusted data from YouTube interfaces, such as video titles and comments.
  - Ingestion points: YouTube search results, subscription feeds, and comment sections via browser automation.
  - Boundary markers: None detected; instructions do not specify any delimiters for external content.
  - Capability inventory: Browser automation (Playwright), credential access, and cookie management.
  - Sanitization: No sanitization or escaping mechanisms are described for handling third-party web content.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/install.sh, https://canifi.com/skills/youtube/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata