Skills
skills/yelban/ljg-skills.tw/ljg-x-download/Gen Agent Trust Hub

ljg-x-download

Warn

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands like curl and yt-dlp using input directly derived from user-provided URLs. The absence of sanitization instructions for these variables creates a risk of command injection if shell metacharacters are included in the input.
  • [CREDENTIALS_UNSAFE]: The troubleshooting section suggests using the --cookies-from-browser chrome flag with yt-dlp. This instruction allows the agent to access and use sensitive session data from the user's browser, posing a privacy and security risk.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from external domains including x.com, twitter.com, t.co, and pbs.twimg.com. While necessary for the skill's functionality, these represent external data sources.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external URL content and metadata. Ingestion points: User-supplied URLs and yt-dlp --dump-json output in SKILL.md. Boundary markers: None present. Capability inventory: curl, yt-dlp, and ls as specified in SKILL.md. Sanitization: No validation or escaping mechanisms are defined.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 27, 2026, 04:22 PM