The Agent Skills Directory

[SAFE]: Detailed technical analysis confirms the skill functions as a legitimate tool for podcast management. No malicious patterns, obfuscation, or unauthorized data access were detected across the script or documentation.
[EXTERNAL_DOWNLOADS]: The skill fetches podcast metadata from Apple's official iTunes API and downloads audio content from remote URLs found within those feeds. This activity is restricted to the skill's intended purpose and uses standard HTTP client headers to avoid access issues.
[COMMAND_EXECUTION]: The skill utilizes a local Python script to perform its tasks. The script safely parses user-provided URLs using standard libraries and includes logic to sanitize filenames, effectively mitigating risks associated with malicious input or path traversal attacks.
[PROMPT_INJECTION]: While the skill processes untrusted metadata from external RSS feeds (such as episode descriptions), it solely writes this information to local storage as static JSON files. It does not execute the content or use it to generate subsequent system commands, significantly reducing the surface for indirect injection attacks.

podcast-downloader