youtube-ingestion
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection via processed video content.
- Ingestion points: The `scripts/fetch_transcript.py` script fetches transcript data from external YouTube URLs provided by the user.
- Boundary markers: The skill does not define clear delimiters or use 'ignore embedded instructions' warnings when summarizing the fetched transcript, which could lead the agent to follow instructions contained within a video's captions.
- Capability inventory: The skill possesses the ability to execute Python scripts via `uv run` and perform file-write operations within the vault to create transcript and summary notes.
- Sanitization: There is no evidence of filtering or sanitization of the transcript text to remove potential instructions or malicious metadata before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill relies on an external library from a public registry.
- Details: The `scripts/fetch_transcript.py` script declares a dependency on `youtube-transcript-api` via PEP 723 inline metadata, which is downloaded from PyPI during execution.