video-downloader
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous command-line templates for running the
yt-dlputility. These templates use double-quoting for URL placeholders (e.g.,"<URL>"), which is a standard security practice to prevent command injection from malformed URLs. - [EXTERNAL_DOWNLOADS]: The skill guides the user to install well-known, legitimate multimedia tools (
yt-dlpandffmpeg) using standard package managers like Homebrew (brew) and Pip (pip). These are trusted sources and the tools are standard for the stated purpose. - [DATA_EXPOSURE]: Includes a mention of using browser cookies (
--cookies-from-browser chrome) to handle authenticated downloads. While this accesses sensitive browser data, it is a documented feature of the legitimate tool and is presented as an optional troubleshooting step for the user.
Audit Metadata