podcast-downloader
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill possesses a surface for indirect prompt injection via runtime data ingestion.
  - Ingestion points: Podcast titles and descriptions fetched from the iTunes API and RSS feeds.
  - Boundary markers: No specific delimiters or instructions are used to treat external metadata as untrusted data.
  - Capability inventory: The skill allows filesystem writing and network downloads.
  - Sanitization: The skill sanitizes filenames to prevent path traversal, but it does not sanitize the text content of the metadata.
- EXTERNAL_DOWNLOADS (SAFE): The skill fetches audio files and metadata from legitimate Apple Podcast endpoints.
- COMMAND_EXECUTION (SAFE): The skill uses standard Python script execution and package management (pip) to perform its tasks.
Audit Metadata