youtube
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the yutu CLI from vendor-managed sources including the @eat-pray-ai/yutu NPM package and the github.com/eat-pray-ai/yutu repository.
- [COMMAND_EXECUTION]: Uses the yutu command to interact with the YouTube Data API for operations ranging from video uploads to content deletion.
- [DATA_EXFILTRATION]: Accesses sensitive authentication files such as client_secret.json and youtube.token.json, which are used to store OAuth credentials and tokens.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection due to the handling of external data from YouTube.
  - Ingestion points: Data entering the context from yutu search, comment, video, and activity list commands.
  - Boundary markers: No delimiters or ignore instructions are present for retrieved content.
  - Capability inventory: Destructive operations like yutu video delete and yutu comment delete are available.
  - Sanitization: No specific sanitization or content validation procedures are documented.
Audit Metadata