youtube-downloader
Fail
Audited by Snyk on Feb 23, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The skill instructs copying full m3u8 URLs (which often include signed query tokens) and embedding authentication headers/URLs directly into ffmpeg/yt-dlp commands, which requires the agent to include user-provided secret tokens verbatim in generated commands.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and processes arbitrary public video and HLS URLs (YouTube, Mux, Vimeo, m3u8) as documented in SKILL.md (e.g., "yt-dlp -F 'VIDEO_URL'", HLS m3u8 workflows) and implemented in scripts/download_video.py, meaning it ingests untrusted, user-generated third-party content that can alter format detection and subsequent command execution.
Audit Metadata