youtube-downloader

Warn

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/download_video.py performs extensive shell command execution via subprocess.run to manage yt-dlp, ffmpeg, docker, and pip operations.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to download and install external Python packages (bgutil-ytdlp-pot-provider, yt-dlp-getpot-wpc) and Docker images (brainicism/bgutil-ytdlp-pot-provider) at runtime to enable high-quality video downloads and bypass anti-bot measures.
  • [CREDENTIALS_UNSAFE]: The skill is designed to access sensitive browser cookies (e.g., from Chrome or Firefox) using the --cookies-from-browser flag to authenticate with YouTube for protected content.
  • [DATA_EXFILTRATION]: The skill implements proxy support (--proxy), which routes all download traffic and metadata requests through external servers, potentially exposing user metadata.
  • [PROMPT_INJECTION]: The skill processes untrusted metadata (titles, descriptions) from external platforms. If this data is interpolated into agent prompts without proper sanitization, it could lead to indirect prompt injection.
  • [PROMPT_INJECTION]: The presence of the .security-scan-passed file is a form of metadata poisoning intended to deceptively claim the skill is safe and has been verified.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 5, 2026, 06:44 AM