Skills
NYC
skills/daymade/claude-code-skills/youtube-downloader/Gen Agent Trust Hub

youtube-downloader

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The guide recommends installing third-party Python packages such as bgutil-ytdlp-pot-provider, yt-dlp-get-pot, yt-dlp-getpot-wpc, and yt-dlp-get-pot-rustypipe. While these are known tools in the yt-dlp ecosystem, they are not from the trusted organizations list.
  • [EXTERNAL_DOWNLOADS] (LOW): The guide instructs users to run a Docker container (brainicism/bgutil-ytdlp-pot-provider). This is a third-party image from an individual contributor, which carries a minor risk compared to official images.
  • [COMMAND_EXECUTION] (SAFE): The document contains shell commands for installing packages and running Docker, but these are provided as instructions for the user to follow rather than scripts to be executed automatically by an agent without oversight.
  • [DATA_EXFILTRATION] (SAFE): The guide mentions using browser cookies (--cookies-from-browser), which is a standard yt-dlp feature for authentication, but it does not contain code to exfiltrate these cookies to an external server.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:10 PM