Skills
skills/apsteinberg/skills/youtube/Gen Agent Trust Hub

youtube

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the uvx command (part of the uv Python toolchain) to execute yt-dlp for media processing. It also references standard system utilities like sed and jq for post-processing data.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the yt-dlp package from the Python Package Index (PyPI) via uvx. It also facilitates the download of video, audio, and metadata content from YouTube servers to the local file system.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection.
  • Ingestion points: Untrusted content such as video titles, descriptions, and transcripts are ingested from YouTube into the agent's context (SKILL.md).
  • Boundary markers: While URLs are quoted in shell commands, there are no instructions to delimit or ignore instructions embedded within the fetched metadata or transcripts.
  • Capability inventory: The skill has the capability to write files to various local directories (SKILL.md).
  • Sanitization: The skill does not explicitly sanitize the external content it retrieves before it might be processed by subsequent agent steps.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 09:10 PM