youtube-ingestion

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using uv run to trigger the Python transcript fetcher and markdownlint to validate the generated markdown notes.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill uses the youtube-transcript-api library to fetch data. This is a well-known library used for its intended purpose within the script.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data (YouTube transcripts) and includes it in the agent's context, creating a surface where malicious instructions hidden in video subtitles could influence the agent.
    • Ingestion points: YouTube transcripts are fetched via scripts/fetch_transcript.py.
    • Boundary markers: Absent; transcript content is placed directly into markdown notes without delimiters or 'ignore' instructions.
    • Capability inventory: File system writing (creating notes) and command execution (uv run, markdownlint).
    • Sanitization: Absent; the transcript text is printed directly to stdout and then saved to files without validation or escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 03:17 AM