yt-dlp-downloader
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the agent to install external software using `pip install yt-dlp` and `brew install ffmpeg`. These commands download and execute unversioned packages from public registries at runtime, which is an unverifiable dependency risk.
- [CREDENTIALS_UNSAFE] (MEDIUM): The workflow recommends using the `--cookies-from-browser` flag. This command accesses sensitive local files (browser cookies and profiles) to authenticate with video platforms. While necessary for the skill's function, it exposes private user authentication data to the tool's process.
- [COMMAND_EXECUTION] (MEDIUM): The skill constructs shell commands by interpolating user-provided inputs such as `VIDEO_URL` and `FORMAT_ID`. Without explicit sanitization instructions for the agent, this creates a surface for shell command injection (e.g., via subshells like `$(command)` inside the URL string).
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection (Category 8) as it processes data from external URLs.
  1. Ingestion points: `VIDEO_URL` and `PLAYLIST_URL` from user input or external pages.
  2. Boundary markers: Absent.
  3. Capability inventory: Shell execution (`yt-dlp`), network access, and file system writes.
  4. Sanitization: None specified in the skill instructions.
Audit Metadata