youtube-downloader
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script scripts/download_video.py dynamically installs the yt-dlp package from PyPI if it is not found on the system. PyPI is a well-known service and the package is standard for this task.
- [COMMAND_EXECUTION]: The skill uses subprocess.run in scripts/download_video.py to execute yt-dlp and pip. It correctly uses argument lists to avoid shell injection vulnerabilities.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing and displaying untrusted video metadata.
  * Ingestion points: Video URL provided by the user and metadata (title, uploader) retrieved from YouTube in scripts/download_video.py.
  * Boundary markers: None present. The script does not use delimiters or warnings to separate external metadata from instructions.
  * Capability inventory: The skill can execute system commands and manage packages via subprocess.run in scripts/download_video.py.
  * Sanitization: Input URLs are handled as list items to prevent shell injection, but metadata fetched from YouTube is printed directly to the console without any sanitization or escaping.