video-transcript-downloader
Warn
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill invokes shell-based utilities (yt-dlp, ffmpeg) through scripts/vtd.js. Since the script source is not provided, it is impossible to ensure that inputs like video URLs or extra arguments are properly escaped, posing a command injection risk.
- [EXTERNAL_DOWNLOADS] (LOW): The skill communicates with external video platforms to download media and metadata.
- [Indirect Prompt Injection - Category 8] (LOW): The skill ingests untrusted transcripts from third-party sites. (1) Ingestion points: scripts/vtd.js via youtube-transcript-plus; (2) Boundary markers: None identified in documentation; (3) Capability inventory: Shell command execution and file system writes; (4) Sanitization: Unknown. This surface allows external content to enter the agent's context, potentially influencing its behavior.
Audit Metadata