Skills
skills/ericgandrade/claude-superskills/youtube-summarizer/Gen Agent Trust Hub

youtube-summarizer

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests transcripts from external YouTube videos, which are attacker-controlled sources. These transcripts could contain malicious instructions designed to hijack the agent's behavior during the summarization process.
  • Ingestion points: SKILL.md Step 3 (transcript extraction from YouTube via Mode A, B, or C).
  • Boundary markers: Absent. The transcript text is directly interpolated into the agent's prompt context without delimiters or explicit instructions to treat the content as untrusted.
  • Capability inventory: The skill can execute shell commands (python3, pip), perform network operations (WebFetch), and write files to the local file system (SKILL.md Step 0, Step 3, and Step 5).
  • Sanitization: Absent. The transcript content is joined and processed as plain text without filtering or escaping of instructional patterns.
  • [COMMAND_EXECUTION]: Subprocess and Script Execution. The skill uses shell commands to verify the environment, check for package availability, and execute the core transcription logic through scripts/extract-transcript.py. It also provides a dedicated installation script scripts/install-dependencies.sh to manage its requirements.
  • [EXTERNAL_DOWNLOADS]: Dependency and Data Retrieval. The skill retrieves video data and caption tracks from YouTube's infrastructure. Additionally, it automates the installation of the youtube-transcript-api package from the Python Package Index (PyPI) to ensure functional operation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 03:08 AM
Security Audit — agent-trust-hub — youtube-summarizer