hung-yi-lee

Pass

Audited by Gen Agent Trust Hub on Jun 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run a local utility script, scripts/hungyi_kb.py, for searching transcripts and navigating the knowledge graph. Static analysis of this script identifies usage of subprocess.run(), which executes shell commands. While used for legitimate functions like metadata synchronization, this represents a capability for arbitrary command execution if input is not strictly validated.
  • [PROMPT_INJECTION]: A transcript file (raw/youtube/transcripts/dWQVY_h0YXU.md) was flagged for containing instruction-override patterns (e.g., "Ignore previous instructions"). Although these are likely part of the spoken lecture content rather than malicious intent, they present an indirect prompt injection surface as the agent is directed to ground its answers in these files.
  • [EXTERNAL_DOWNLOADS]: The requirements.txt file specifies external dependencies (youtube-transcript-api, networkx, python-louvain). These are standard libraries used for the skill's stated purpose of fetching YouTube data and processing graph structures.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 9, 2026, 07:01 AM
Security Audit — agent-trust-hub — hung-yi-lee