yt-dlp-downloader
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed around executing shell commands using `yt-dlp` and `ffmpeg` to perform video downloading and conversion tasks.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by interpolating user-provided URLs directly into command-line arguments without sanitization.
  * Ingestion points: Untrusted data enters via the `VIDEO_URL`, `URL1`, `URL2`, and `URL3` placeholders in `SKILL.md`.
  * Boundary markers: No explicit delimiters or instructions to disregard embedded commands within the URLs are provided.
  * Capability inventory: The skill utilizes subprocess execution of `yt-dlp` and `ffmpeg`, involving disk writes and network access.
  * Sanitization: No input validation or sanitization logic is specified to prevent command injection via shell metacharacters in the URL string.
- [DATA_EXFILTRATION]: The skill provides instructions for accessing sensitive user data using the `--cookies-from-browser` flag, which allows `yt-dlp` to read authentication tokens from the user's web browser. It also hardcodes a local directory path specific to the author's machine.
Audit Metadata