NYC

video-downloader

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH | PROMPT_INJECTION | NO_CODE | COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to process untrusted data from external sources.
      • Ingestion points: User-provided URLs and the metadata (titles, descriptions) of external videos/webpages.
      • Boundary markers: None specified in the documentation.
      • Capability inventory: File system write operations (saving videos/thumbnails to ~/Downloads/) and network requests.
      • Sanitization: No sanitization or validation logic is present.
    This surface allows an attacker to embed malicious instructions in video metadata that the agent might execute while processing the download.
  • No Implementation Code (MEDIUM): The skill consists entirely of documentation (Markdown) without any accompanying scripts or tool configurations. While the documentation describes complex behavior, the lack of code prevents any verification of how commands are constructed or how external data is handled.
  • Command Execution Risk (MEDIUM): The functionality described (downloading, quality selection, format conversion) typically relies on executing external binaries like yt-dlp or ffmpeg. Without source code to inspect, there is a risk that user-provided URLs could be used for command injection if not properly escaped.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 10:05 PM