facebook-videos

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The Python script download_facebook_videos.py uses subprocess.run() to execute yt-dlp. The commands are constructed using list arguments, which is a security best practice that prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill instructions suggest ensuring yt-dlp is installed via pip. This is a standard procedure for tools that rely on external media download utilities.
  • [DATA_EXFILTRATION]: The skill supports the --cookies-from-browser flag for yt-dlp. This is a legitimate feature used to authenticate with Facebook for downloading videos that are behind login walls. The data is handled locally by the yt-dlp utility for authentication purposes and is not sent to any third-party servers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 01:40 AM