multi-video-summarizer

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The core script video_subtitle.py uses subprocess.run to execute external command-line tools including yt-dlp, ffmpeg, and ffprobe. These are used for extracting metadata, downloading audio/video streams, and capturing keyframe screenshots.
  • [EXTERNAL_DOWNLOADS]: The skill documentation (SKILL.md and README.md) instructs users to install several third-party Python packages (yt-dlp, youtube-transcript-api, faster-whisper, openai, pydub, Pillow) and the ffmpeg system utility. These are well-known tools from established sources.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8). It processes untrusted data from external video platforms and integrates it into the agent's context without sanitization.
    • Ingestion points: Video transcripts and metadata are fetched from various platforms (Bilibili, YouTube, Douyin, and Xiaohongshu) via the video_subtitle.py script.
    • Boundary markers: The summarization instructions in SKILL.md lack delimiters or warnings to ignore instructions embedded within the transcript text, increasing the risk that the AI agent might follow malicious commands hidden in the video subtitles.
    • Capability inventory: The agent has the capability to execute shell commands (via the extraction script), write to the local file system (for caching and screenshots in the cache/ and screenshots/ directories), and perform network operations.
    • Sanitization: No sanitization or filtering is performed on the extracted transcript text before it is presented to the AI for summarization.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 08:55 AM