ingest-youtube
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
yt-dlpCLI tool to fetch video metadata and subtitles. It specifically uses the--argument separator when passing user-provided URLs to the command line, which is a recognized best practice to prevent command/argument injection attacks. - [EXTERNAL_DOWNLOADS]: The skill depends on
yt-dlp, a well-known and widely used open-source tool. The instructions direct users to install it via official package managers like Homebrew or pip. - [PROMPT_INJECTION]:
- Ingestion points: The skill ingests untrusted content in the form of YouTube video transcripts and metadata (titles, channel names) via
yt-dlp. - Boundary markers: No specific delimiters are mentioned for the imported transcript body within the resulting markdown files.
- Capability inventory: The skill possesses the capability to write to the local file system (creating markdown notes) and execute subprocesses (
yt-dlp). - Sanitization: The skill performs sanitization by 'slugifying' channel names and titles before using them in file paths, and it cleans VTT markers from transcripts to produce prose.
- [DATA_EXFILTRATION]: No sensitive local data is accessed. Network activity is confined to interacting with YouTube via the
yt-dlputility to retrieve publicly available video information.
Audit Metadata