youtube-search

Overall, the skill coherently implements a YouTube search utility using yt-dlp and formats structured results for downstream use. The main concerns are: (1) potential command-injection risk if user-provided input is not sanitized before embedding in shell commands, and (2) unverifiable binary installation of yt-dlp via an external tool manager without verifiable provenance. Otherwise, the data flow is self-contained (no credentials, no unexpected exfiltration) and the capabilities align with the stated purpose. Treat the skill as SUSPICIOUS pending improvements to input sanitization and verifiable dependency provenance.