youtube-downloader

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples that pass credentials on the command line (e.g., --username YOUR_USERNAME --password YOUR_PASSWORD), which would require the LLM to include secret values verbatim in generated commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes content from open/public sites (see "Supported Websites (1000+)" including YouTube, Reddit, Twitter/X, TikTok) and includes runtime options to download and read user-generated subtitles, descriptions, and metadata (e.g., --write-subs, --write-description, --write-info-json and batch URL inputs), so it clearly ingests untrusted third-party content as part of its workflow.