yt-music

Pass

Audited by Gen Agent Trust Hub on May 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.Popen in scripts/player.py to manage a background playback daemon and subprocess.run in scripts/player_daemon.py to identify the system's browser version. These operations are restricted to executing the skill's own bundled scripts and standard browser binaries using resolved local paths.
  • [EXTERNAL_DOWNLOADS]: The skill leverages the uv package manager to dynamically fetch official dependencies like ytmusicapi and playwright from the standard Python Package Index (PyPI). This is a transparent and standard method for handling project requirements.
  • [SAFE]: Authentication is managed securely by storing user-provided cookie headers in a local file (.yt-music/auth.json). The playback daemon, which runs a local HTTP server for control, implements its own security by generating a random hex token at startup and requiring it in the X-YTMUSIC-Token header for all requests.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes metadata (track titles, artist names) from YouTube Music. However, the instructions provided in SKILL.md and the workflow files explicitly direct the agent to format this data into structured tables and lists, which acts as a mitigating boundary against the agent misinterpreting data as instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 27, 2026, 09:30 AM
Security Audit — agent-trust-hub — yt-music