youtube-playlist

Warn

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The authentication script scripts/tapi-auth.js modifies multiple shell configuration files (.bashrc, .zshenv, .profile, .zprofile, config.fish, and PowerShell profiles) to persist the TRANSCRIPT_API_KEY. While intended for setup, modifying global shell initialization files is a persistence-like behavior.
  • [COMMAND_EXECUTION]: The script also modifies systemd environment configuration (~/.config/environment.d/transcript-api.conf) and agent configuration files (~/.openclaw/openclaw.json).
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through its processing of external data.
      • Ingestion points: Video metadata (titles, descriptions) from the transcriptapi.com API are ingested into the agent context via SKILL.md workflows.
      • Boundary markers: Absent; the skill instructions do not define delimiters to encapsulate external data within prompts.
      • Capability inventory: The skill has access to network operations and extensive file system modifications via its associated script.
      • Sanitization: Absent; no validation or filtering of API-returned content is specified before the data is processed by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 2, 2026, 08:48 PM