youtube-downloader

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION

Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES] (MEDIUM): The file scripts/download_video.py contains logic in check_yt_dlp() to automatically install the yt-dlp package from PyPI using pip at runtime. Dynamic package installation can be exploited if an attacker intercepts the connection or if the package registry is compromised.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data from an external source (YouTube video titles and metadata via yt-dlp --dump-json).
      ◦ Ingestion points: Video title and uploader name are fetched from the YouTube API.
      ◦ Boundary markers: None. The metadata is printed directly to the console.
      ◦ Capability inventory: The script has filesystem write access and network access.
      ◦ Sanitization: None. Malicious instructions embedded in a video title could potentially influence the agent's next steps if it reads the console output.
  • [COMMAND_EXECUTION] (SAFE): The script uses subprocess.run() with a list of arguments (e.g., cmd = ["yt-dlp", ..., url]) instead of a single string with shell=True. This is a best practice that prevents shell injection vulnerabilities.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:37 PM