Skills
skills/postplusai/postplus-skills/pattern-router/Gen Agent Trust Hub

pattern-router

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs downloads video files from external URLs specified in a manifest using the yt-dlp utility.
  • [COMMAND_EXECUTION]: The skill executes external processes using the Node.js spawn function to invoke python3 and the yt_dlp module for media processing tasks.
  • [CREDENTIALS_UNSAFE]: The shared library _postplus_shared/00-core/shared-runtime/scripts/lib/postplus_cli_config.mjs programmatically manages authentication tokens by reading and writing to a config.json file located in the user's home configuration directory (e.g., ~/.config/postplus/). This behavior is consistent with standard CLI tool session management for the vendor's own platform.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 06:37 AM