youtube-analyzer

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the Bun runtime using a piped shell command from its official website (https://bun.sh/install). This is a standard installation method for the tool.
  • [EXTERNAL_DOWNLOADS]: The skill performs repository cloning from GitHub when a user provides a repository URL for tutorial analysis in Phase 3.
  • [COMMAND_EXECUTION]: The skill executes various shell commands using the Bash tool to manage video metadata extraction via yt-dlp, transcript retrieval, and local data processing with Bun scripts.
  • [PROMPT_INJECTION]: The skill handles untrusted external data from YouTube transcripts and GitHub repositories, which represents a potential surface for indirect prompt injection.
  • Ingestion points: Video transcripts (Phase 1) and cloned repository content (Phase 3).
  • Boundary markers: The orchestration logic in SKILL.md and the specialized instructions in the workflows/ directory enforce specific task scopes for sub-agents to mitigate unauthorized instruction following.
  • Capability inventory: The skill utilizes Bash (for utility execution), Read, and Write tools for managing transcripts, an application-specific package database at ~/.config/youtube-analyzer/package-db.json, and final output files.
  • Sanitization: External transcript data is normalized and cleaned of artifacts via the clean-transcript.ts script before being passed to analysis agents.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 08:37 PM