youtube-feed
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It fetches and summarizes untrusted video descriptions from external YouTube feeds. 1. Ingestion points: Video descriptions are retrieved in scripts/get_updates.py from YouTube RSS and HTML pages. 2. Boundary markers: No delimiters or specific instructions are provided to the agent to ignore commands potentially embedded within the descriptions. 3. Capability inventory: The summarized descriptions are passed to a downstream 'podcast-workflow' which could be manipulated by malicious instructions. 4. Sanitization: No filtering or sanitization of natural language content is performed on the descriptions.
- [SAFE]: All network operations are directed at official YouTube infrastructure or the legitimate Jina AI utility service.
- [SAFE]: The skill documentation includes an absolute file path (/Users/ugreen/...) which exposes a local system username but does not present a direct security risk.
Audit Metadata