bilibili-downloader
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill executes local Python scripts using parameters derived from external Bilibili content. This presents a high risk of Indirect Prompt Injection (Category 8) and Command Injection if the scripts do not properly sanitize these inputs before passing them to shell-level operations. Evidence: 1. Ingestion: External Bilibili URLs and Space IDs. 2. Boundaries: None mentioned. 3. Capability: Execution of python scripts that call yt-dlp/ffmpeg. 4. Sanitization: Not provided in markdown.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of yt-dlp via pip. This is an external dependency from a non-trusted source, introducing potential supply chain vulnerabilities.
- DATA_EXPOSURE (MEDIUM): Use of the --cookies flag indicates potential access to sensitive browser session data, which could be exposed if the processing environment is compromised.
Recommendations
- AI detected serious security threats
Audit Metadata