Skills
skills/postplusai/postplus-skills/visual-hook/Gen Agent Trust Hub

visual-hook

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs executes python3 -m yt_dlp via a subprocess to download media content. This is a standard implementation for video retrieval.
  • [EXTERNAL_DOWNLOADS]: The skill is designed to download video files from external URLs provided in a JSON manifest for the purpose of analyzing visual hooks. This is an intended capability of the toolset.
  • [DATA_EXFILTRATION]: The library _postplus_shared/00-core/shared-runtime/scripts/lib/postplus_cli_config.mjs reads the user's local PostPlus configuration file to retrieve authentication tokens, which are then used to communicate with the vendor's API. This represents standard authentication for the PostPlusAI ecosystem and follows the author's established resource patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 06:37 AM