youtube-research
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes the
yt-dlputility via a Python subprocess to download video records from YouTube URLs. - [COMMAND_EXECUTION]: Uses the
ffmpegutility for media generation and Node.js for running internal workspace management scripts. - [EXTERNAL_DOWNLOADS]: Downloads YouTube metadata, comments, and video files through the PostPlus Cloud collection service and external URLs.
- [PROMPT_INJECTION]: Processes untrusted data in the form of YouTube comments, creating an indirect prompt injection surface when this data is displayed to the user or agent.
- Ingestion points: Audience comments gathered from YouTube videos via the
youtube-commentscollection key. - Boundary markers: Explicit instructions are provided to the agent to clarify the nature of public comment data to the user.
- Capability inventory: Subprocess execution for media tools, file system writes for asset management, and network communication via Node.js HTTP modules.
- Sanitization: The local workspace dashboard implements HTML entity escaping for data rendered in the UI.
Audit Metadata