video-downloader
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
NO_CODE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection. It is designed to ingest untrusted data (video titles, descriptions, and metadata) from external platforms and perform file-write operations. Evidence Chain:
  1. Ingestion points: Video metadata and URLs from YouTube/other platforms.
  2. Boundary markers: None mentioned.
  3. Capability inventory: File-write access (~/Downloads/).
  4. Sanitization: None described.
- EXTERNAL_DOWNLOADS (MEDIUM): The core functionality relies on fetching data from external URLs, which poses an inherent risk if the sources are not strictly validated.
- NO_CODE (INFO): Only documentation (SKILL.md) was provided. The lack of executable scripts prevents a thorough audit of how the skill handles subprocesses, network requests, or file path sanitization.
Recommendations
- AI detected serious security threats
Audit Metadata