
      Safety Report

      Video Transcript Downloader

      @steipete

      Download videos, audio, subtitles, and clean paragraph-style transcripts from YouTube and any other yt-dlp supported site. Use when asked to “download this video”, “save this clip”, “rip audio”, “get subtitles”, “get transcript”, or to troubleshoot yt-dlp/ffmpeg and formats/playlists.

      5,614 Downloads
      48 Installs
      34 Stars
      1 Version
      Search & Retrieval (2,116), CLI & Shell Tools (1,805), Customer Support (1,744), Video & Audio (1,618)

      Security Analysis

      high confidence
      Suspicious, 0.08 risk

      The skill's code largely matches its stated purpose (downloading videos/subtitles and producing transcripts) but the metadata and install instructions are inconsistent and it forwards arbitrary yt-dlp arguments — these mismatches and forwarding behavior warrant caution before installing or running.

      Feb 11, 2026, 4 files, 3 concerns

      Purpose & Capability (note)

      Functionality in SKILL.md and scripts/vtd.js matches the name/description (transcripts, downloads, subtitle parsing). However, the package includes a dependency (youtube-transcript-plus) and the runtime clearly requires yt-dlp and optionally ffmpeg, yet the skill metadata declares no required binaries or install steps — that omission is an inconsistency the user should be aware of.

      Instruction Scope (note)

      The SKILL.md instructions are scoped to running scripts/vtd.js, invoking yt-dlp, and optionally installing via brew/npm. They do not request unrelated system data. One important caveat: extra arguments after `--` are forwarded directly to yt-dlp; yt-dlp supports options (e.g., --exec or post-processing flags) that can run shell commands or do other powerful actions. The skill spawns yt-dlp without a shell (mitigating simple injection), but forwarding arbitrary user-supplied args increases the attack surface.

      Install Mechanism (concern)

      There is no install spec in the registry metadata, but SKILL.md tells users to run `npm ci` in the skill directory and the repository includes package.json/package-lock.json. Installing will pull a public npm package (youtube-transcript-plus). The registry should have declared required install steps/binaries; the absence is an inconsistency and means the agent or user may need to execute package installs manually. Installing npm packages and running brew to get yt-dlp/ffmpeg are moderate-risk actions and should be done from trusted networks/sources.

      Credentials (ok)

      The skill declares no required environment variables and the code only reads PATH to locate binaries. It creates temp directories and writes transcript/subtitle/download files to the filesystem (output-dir or temp). No credentials or unrelated env vars are requested.

      Persistence & Privilege (ok)

      `always` is false and the skill does not request persistent or system-wide privileges. It does not modify other skills or system-wide agent settings. It will write files to output directories and temporary directories as part of normal operation.

      Guidance

      What to check before installing or using this skill:

      - Provenance: the skill has no homepage and an unknown owner; prefer skills with a clear source or repository. Review the full scripts/vtd.js before running.
      - Install steps: SKILL.md expects you to run `npm ci` and to have yt-dlp (and optionally ffmpeg) installed, but the registry metadata lists no required binaries. Do not run npm installs or brew commands on a production machine without review; run in a sandbox or VM.
      - Dependency review: package.json pulls youtube-transcript-plus from the public npm registry. Inspect that dependency (or run installs in an isolated environment) to ensure it does what you expect.
      - Extra yt-dlp args: the tool forwards arbitrary args after `--` to yt-dlp. Be careful not to pass untrusted arguments (for example, yt-dlp has options that can execute post-processing commands). If you let the agent supply extra args automatically, restrict that behavior.
      - File writes: the skill writes temporary files and copies subtitles/downloads to the requested output directory. Don't give it output paths that contain sensitive data or point to system config locations.

      If you intend to use this skill, recommended safe steps: review scripts/vtd.js fully, run `npm ci` in an isolated environment, install yt-dlp/ffmpeg from official sources, and avoid passing unreviewed extra arguments to yt-dlp (or disable forwarding).

      Latest Release

      v1.0.0


      Published by @steipete on ClawHub
