video-transcript-downloader

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill documentation indicates that ./scripts/vtd.js executes external system binaries yt-dlp and ffmpeg. While standard for this use case, the use of a passthrough mechanism (--) for extra arguments could lead to unexpected behavior if input is not properly sanitized by the underlying script.
  • EXTERNAL_DOWNLOADS (LOW): The skill is designed to download content from YouTube and other external sites via yt-dlp. This is the intended purpose of the skill and involves connection to well-known but user-defined remote URLs.
  • PROMPT_INJECTION (LOW): This skill is subject to Indirect Prompt Injection (Category 8). Malicious instructions could be embedded in video transcripts or subtitles processed by the agent.
      • Ingestion points: Transcripts are fetched from external URLs via youtube-transcript-plus and yt-dlp in scripts/vtd.js.
      • Boundary markers: Documentation mentions cleaning into paragraphs and stripping cues, but does not specify explicit LLM boundary markers for the downloaded text.
      • Capability inventory: Documentation suggests subprocess calls to yt-dlp and ffmpeg (shell execution context).
      • Sanitization: Basic text cleaning is performed (removing timestamps/brackets), but this is for formatting rather than security filtering.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:02 PM