Skills
skills/giarld/skills/bilibili-video/Gen Agent Trust Hub

bilibili-video

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands and subprocesses to download content.
  • Uses yt-dlp for video downloading in scripts/bili_download.sh.
  • Orchestrates logic using shell scripts (scripts/bili_grab.sh) and Python.- [EXTERNAL_DOWNLOADS]: Fetches content and metadata from Bilibili's infrastructure.
  • Downloads video files via yt-dlp and cover images via requests in scripts/bili_fetch.py.
  • Fetches metadata and comments from api.bilibili.com.- [PROMPT_INJECTION]: The skill ingests untrusted content from Bilibili that could influence agent behavior.
  • Ingestion points: scripts/bili_fetch.py retrieves video titles, descriptions, and user comments from public Bilibili APIs.
  • Boundary markers: None present in the prompt instructions to delimit untrusted content.
  • Capability inventory: Subprocess execution (yt-dlp), file system writes, and network access.
  • Sanitization: No explicit sanitization of text metadata is performed before it is used for summarization or filename construction, creating a surface for indirect prompt injection.- [DATA_EXFILTRATION]: Manages sensitive authentication data.
  • The skill uses the BILI_COOKIE environment variable to pass authentication tokens to Bilibili's APIs. This is a standard and recommended practice for this utility type.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 06:02 AM
Security Audit — agent-trust-hub — bilibili-video