bilibili-video-helper
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill explicitly instructs users to provide their full Bilibili browser session cookie ("复制 cookie: ... 整段内容发给我"). Session cookies are highly sensitive and could allow for account takeover if the agent logs the prompt or if the data is leaked.
- [COMMAND_EXECUTION]: The skill relies on shell commands (curl, yt-dlp, psql) that are constructed using variables derived from external Bilibili API responses. The SQL persistence section specifically builds queries using untrusted data like video titles and content without sanitization, posing a classic SQL injection risk.
- [DATA_EXFILTRATION]: The skill interacts with a user-provided database via the DATABASE_URL environment variable. When combined with the ability to fetch and process untrusted external content, this creates a potential pathway for data manipulation or unauthorized data transfer.
- [PROMPT_INJECTION]: The skill ingests untrusted user-generated content, such as Bilibili video comments and AI-generated subtitles, for analysis. It lacks explicit boundary markers or sanitization to prevent these external strings from containing indirect prompt injections that could influence the agent's behavior.
Audit Metadata