youtube-downloader

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] The analyzed fragment presents a well-structured, user-centric YouTube/HLS downloader workflow. It sensibly combines yt-dlp and ffmpeg with authentication options (cookies or PO tokens) and includes troubleshooting and safety reminders. While the approach introduces credential handling surfaces, these are typical for protected-content workflows and can be secure if properly sandboxed and consented. Overall, the design is benign with moderate security risk tied to credential exposure and misconfiguration potential; ensure strict credential isolation and minimize logging of sensitive data. LLM verification: The skill correctly describes how to download and handle protected streaming content; however, it automates several high-risk operations: unpinned package installs, programmatic extraction/use of browser cookies, starting Docker containers with proxy rewriting, and launching/controlling a browser. I found no explicit malicious code or obfuscation, but the operational design increases supply-chain and credential-exposure risk. Recommendations: require explicit, per-action user consent; pin/instal