video-downloader
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- No Executable Content (SAFE): The skill consists entirely of a markdown file (SKILL.md) that describes functionality (downloading videos) but provides no implementation details, tool definitions, or scripts to execute those actions.
- Missing Implementation Context (INFO): While the documentation suggests the ability to write to the local filesystem (~/Downloads/), there is no code provided to analyze for directory traversal, command injection, or unsanitized input handling.
- Indirect Prompt Injection Surface (INFO): The skill is intended to process external data (video metadata from URLs). Since no code is present, no sanitization or boundary markers exist to evaluate, representing a theoretical vulnerability surface if implementation were added.
Audit Metadata