Skills
skills/team-attention/stanford-cs146s-kr/split-youtube-chapters/Gen Agent Trust Hub

split-youtube-chapters

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to manage the project structure and synchronize files.
  • Evidence: Step 10 uses mkdir -p and cp to create directories in the public folder and copy generated markdown files. The command parameters are derived from the path argument provided by the user.
  • [DATA_EXPOSURE]: The skill reads local project files to extract metadata and content.
  • Evidence: It accesses docs/week{N}/{slug}/eng/index.md and src/content/readings.ts. This access is necessary for the skill's primary function of content transformation and is limited to the local workspace.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external-facing markdown files (YouTube transcripts/translations).
  • Ingestion points: docs/week{N}/{slug}/eng/index.md and docs/week{N}/{slug}/kr/index.md.
  • Boundary markers: Absent (uses regex-based parsing).
  • Capability inventory: Modifies source code (readings.ts), creates files, and executes shell commands (mkdir, cp).
  • Sanitization: Relies on regex patterns for structural parsing, which provides a layer of validation against unstructured injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 02:07 PM
Security Audit — agent-trust-hub — split-youtube-chapters