Skills
skills/gooseworks-ai/goose-skills/youtube-watcher/Gen Agent Trust Hub

youtube-watcher

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/get_transcript.py executes the yt-dlp binary using subprocess.run with an argument list. This method is secure against shell injection attacks as it avoids the use of shell=True.\n- [EXTERNAL_DOWNLOADS]: The skill documentation in SKILL.md and the metadata specify yt-dlp as a required external dependency. It provides clear instructions for installing this legitimate tool via standard package managers like Homebrew or pip.\n- [PROMPT_INJECTION]: The skill processes untrusted text from external YouTube subtitles, creating a potential surface for indirect prompt injection if the transcript contains malicious instructions.\n
  • Ingestion points: External YouTube subtitle content is fetched and read in scripts/get_transcript.py.\n
  • Boundary markers: The script does not wrap the transcript output in delimiters or provide instructions for the agent to ignore embedded commands.\n
  • Capability inventory: The skill uses subprocess.run to call external binaries and performs local file reads.\n
  • Sanitization: While the script cleans WebVTT metadata and tags, it does not filter or sanitize the actual natural language content for malicious instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 09:59 PM