video-transcript-downloader

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • PROMPT_INJECTION (LOW): Indirect Prompt Injection risk (Category 8). The skill processes untrusted transcript data from external websites, which could contain instructions designed to influence the agent's behavior.
      * Ingestion points: Transcript and subtitle data fetched from URLs provided to vtd.js.
      * Boundary markers: Documentation does not mention sanitization or delimiters.
      * Capability inventory: Access to the local filesystem (downloads) and the ability to execute network requests via yt-dlp.
      * Sanitization: The primary execution script (vtd.js) was not provided for analysis.
  • COMMAND_EXECUTION (LOW): The skill is designed to wrap and execute external command-line tools, specifically yt-dlp and ffmpeg, which is standard for its intended purpose but represents a surface for command-line argument risks.
  • EXTERNAL_DOWNLOADS (LOW): The skill downloads dependencies from the npm registry and instructs the user to download system utilities via Homebrew. It also performs downloads of external media files from arbitrary URLs.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:15 PM