The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data (video transcripts) to generate summaries and insights. • Ingestion points: Reads transcription output from 'memorex' in Step 5. • Boundary markers: No delimiters or isolation markers are used to separate the transcript data from the system's instructions during synthesis. • Capability inventory: Shell command execution (yt-dlp, memorex) and local file system write access. • Sanitization: The skill does not perform any sanitization or validation of the transcript content before it is processed by the model.
[COMMAND_EXECUTION]: The skill uses shell scripts that incorporate variables derived from user input, which may be vulnerable if not handled correctly by the agent. • Evidence: Steps 2 and 3 execute 'yt-dlp' using the $URL variable. Step 4 executes 'memorex' using [video_file_path]. • Risk: Maliciously crafted input in $ARGUMENTS could attempt to escape the command context if the agent performs simple string substitution without proper shell escaping.
[EXTERNAL_DOWNLOADS]: The skill uses 'yt-dlp' to download video content from external URLs. This is the primary intended behavior of the skill and targets well-known video hosting services.

analyze-video