yt-dlp-direct
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary function is generating and running shell commands for yt-dlp to manage online media. It includes diagnostic steps to verify the presence of yt-dlp and ffmpeg on the system PATH.
- [CREDENTIALS_UNSAFE]: Guidelines are provided for handling authenticated sessions using the --cookies-from-browser flag. The skill includes a specific safety boundary instructing the agent to avoid leaking sensitive information from these commands in its responses.
- [EXTERNAL_DOWNLOADS]: The skill enables downloading video, audio, and subtitle data from various external platforms supported by yt-dlp. It correctly identifies pip and Homebrew as the standard sources for installing the necessary CLI dependencies.
- [PROMPT_INJECTION]: The skill processes untrusted metadata from external URLs via yt-dlp, creating an indirect prompt injection surface.
  - Ingestion points: Video and audio metadata retrieved from user-provided URLs in SKILL.md.
  - Boundary markers: The Output Contract in SKILL.md defines a clear reporting structure for results.
  - Capability inventory: Local yt-dlp execution and file-system writes are permitted.
  - Sanitization: Instructions rely on default agent behavior without explicit sanitization steps.