video-downloader

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE] (INFO): The skill consists solely of a markdown file (SKILL.md) with no accompanying scripts or configuration files to analyze for direct execution vulnerabilities.
  • [PROMPT_INJECTION] (HIGH): The skill defines a large attack surface for Indirect Prompt Injection.
      • Ingestion points: External video metadata (titles, descriptions, comments) from platforms like YouTube.
      • Boundary markers: None present; the agent is not instructed to disregard instructions found in the external content it fetches.
      • Capability inventory: Implies file-writing permissions to the user's local directory and network access.
      • Sanitization: Not specified; using external titles directly for filenames or as input for agent reasoning without sanitization is unsafe.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 09:19 PM