youtube-downloader

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The script scripts/download_video.py contains a function check_yt_dlp() that automatically installs the yt-dlp package from PyPI using pip install if it is not found on the system. This runtime dependency installation from a public registry without version pinning or integrity verification is a security risk.
  • [COMMAND_EXECUTION] (LOW): The skill relies on subprocess.run to execute yt-dlp commands. While it correctly uses a list of arguments rather than a single string (mitigating basic shell injection), it still executes system-level commands using inputs derived from external URLs.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data from an external source (YouTube video metadata such as titles). This data is used to generate file paths and is printed to the console, creating a surface for indirect injection if a downstream process or the agent itself interprets this metadata as instructions.
    ◦ Ingestion points: Video metadata (title, uploader) fetched via yt-dlp --dump-json in scripts/download_video.py.
    ◦ Boundary markers: None; external metadata is interpolated directly into strings.
    ◦ Capability inventory: subprocess.run for command execution and file system writes via yt-dlp.
    ◦ Sanitization: None; uses raw metadata for file naming templates.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:05 PM