Media Downloader

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: downloads user-requested media to local media folders, with no evidence of hidden or destructive behavior.

Install this only if you want your agent to fetch media from URLs and save it on your machine. Expect disk usage, third-party downloader behavior from yt-dlp, possible use of configured cookie paths for authenticated media access, and Telegram delivery of downloaded audio when used from Telegram.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 87% confidence
Finding
The triggers "Download this video ..." and "Download this music ..." are broad enough to match normal conversation and could cause the agent to start a download workflow unintentionally. In this skill, unintended activation is more concerning because activation leads directly to a network-fetching script and local file writes, not just a harmless read-only action.

Missing User Warnings

Medium, 84% confidence
Finding
The skill description explains where files will be saved, but it does not present that behavior as a prominent warning or consent boundary to the user before execution. Because the skill writes potentially large media files into standard personal folders and may create playlist subdirectories automatically, users may trigger persistent local changes without realizing it.

VirusTotal

64/64 vendors flagged this skill as clean.
