youtube-analyzer
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the Bun runtime using a piped shell command from its official website (https://bun.sh/install). This is a standard installation method for the tool.
- [EXTERNAL_DOWNLOADS]: The skill performs repository cloning from GitHub when a user provides a repository URL for tutorial analysis in Phase 3.
- [COMMAND_EXECUTION]: The skill executes various shell commands using the Bash tool to manage video metadata extraction via yt-dlp, transcript retrieval, and local data processing with Bun scripts.
- [PROMPT_INJECTION]: The skill handles untrusted external data from YouTube transcripts and GitHub repositories, which represents a potential surface for indirect prompt injection.
- Ingestion points: Video transcripts (Phase 1) and cloned repository content (Phase 3).
- Boundary markers: The orchestration logic in SKILL.md and the specialized instructions in the workflows/ directory enforce specific task scopes for sub-agents to mitigate unauthorized instruction following.
- Capability inventory: The skill utilizes Bash (for utility execution), Read, and Write tools for managing transcripts, an application-specific package database at ~/.config/youtube-analyzer/package-db.json, and final output files.
- Sanitization: External transcript data is normalized and cleaned of artifacts via the clean-transcript.ts script before being passed to analysis agents.
Audit Metadata