video-transcript-downloader

Fail

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The install.sh script installs the uv tool from astral.sh using a piped shell command. This is the official installation method for this well-known developer utility.
  • [COMMAND_EXECUTION]: The main utility scripts/vtd.js executes yt-dlp and ffmpeg as subprocesses using the spawn method to handle media processing and transcript extraction.
  • [EXTERNAL_DOWNLOADS]: During the setup process, the skill downloads several external dependencies including the yt-dlp Python package and the youtube-transcript-plus library from public registries.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting and processing untrusted transcript data from external video platforms.
      ◦ Ingestion points: Video transcripts are retrieved from external URLs via youtube-transcript-plus or yt-dlp in scripts/vtd.js.
      ◦ Boundary markers: The skill does not implement specific delimiters or safety instructions to isolate the retrieved transcript content from the agent's instructions.
      ◦ Capability inventory: The skill utilizes subprocess execution for media tasks and includes the ability to write files to the local directory.
      ◦ Sanitization: The script performs basic cleanup of HTML tags and bracketed cues but lacks validation or filtering for natural language instructions that might be embedded in the transcript text.
Recommendations
  • HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 2, 2026, 02:43 AM