skills/lwmxiaobei/yt-dlp-skill/yt-dlp/Gen Agent Trust Hub

yt-dlp

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The scripts download_video.py and extract_audio.py execute the yt-dlp and ffmpeg binaries using subprocess.run(). While arguments are passed as a list (avoiding shell injection), the skill provides a mechanism to execute these powerful media processing tools on the host system.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill is designed to download content from the internet. By default, it accesses various media platforms (YouTube, Twitter, etc.). Users should ensure they only provide URLs from trusted sources to avoid unwanted downloads.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection risk.
      • Ingestion points: scripts/download_video.py calls yt-dlp --dump-json to extract video metadata. scripts/extract_urls.py processes user-provided text or files.
      • Boundary markers: None. The extracted metadata (title, description) is passed back to the agent context without sanitization or instruction-ignoring delimiters.
      • Capability inventory: File system writes (video downloads), subprocess execution (yt-dlp, ffmpeg).
      • Sanitization: No filtering of extracted metadata for potential injection markers that could influence subsequent agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:42 PM