Video Download FaaS
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches a video-downloader purpose, but it advertises isolation that is not present in the provided files and its process-control scripts are not safely limited to its own downloads.
Install only if you are comfortable with local yt-dlp background processes rather than proven container isolation. Use trusted URLs, avoid private/tokenized links on shared machines, and be careful that any session ID used for status or killing comes from this skill's own download output.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may believe downloads are sandboxed when they are actually running in the local environment.
The provided files do not implement Firecracker/container isolation; the actual download script runs yt-dlp locally with nohup, and the referenced run-in-container.sh is not present in the manifest.
description: Download videos in MP4 format using yt-dlp with FaaS (Firecracker/Container) isolation
Either include and document the isolation wrapper, or remove the isolation claim and clearly state that downloads run locally.
A malformed, forged, or untrusted session ID could cause the agent to kill an unrelated process or remove files ending in .session, .pid, or .log that are outside this skill's intended sessions.
The script trusts the session_id when constructing file paths and trusts the PID file contents before killing the process and deleting related files.
SESSION_ID="$1"
PID_FILE="/tmp/${SESSION_ID}.pid"
PID=$(cat "$PID_FILE")
kill "$PID" 2>/dev/null
rm -f "$SESSION_FILE" "$PID_FILE" "$LOG_FILE"
Validate session IDs with a strict pattern, store sessions in a private 0700 directory, resolve paths to ensure they stay inside that directory, and verify the PID belongs to the expected yt-dlp command before killing it.
Downloads can continue consuming network, CPU, disk, and storage after the user moves on unless checked or killed.
The downloader intentionally starts a background process that keeps running after the command returns.
nohup yt-dlp \
--no-warnings \
--progress \
...
"$URL" > "$LOG_FILE" 2>&1 &
Make sure users explicitly request long-running downloads, show active sessions clearly, and provide reliable cleanup and timeout controls.
Private or tokenized video URLs may be left in temporary files or logs during a download.
The skill stores full URLs, output paths, and logs in /tmp session files.
SESSION_FILE="/tmp/${SESSION_NAME}.session"
LOG_FILE="/tmp/${SESSION_NAME}.log"
"url": "$URL",
"output_dir": "$OUTPUT_DIR"
Use a private per-user state directory with restrictive permissions, avoid storing sensitive URL query strings when possible, and document retention/cleanup behavior.
Behavior depends on whatever yt-dlp binary is installed locally, which may differ by version or provenance.
The skill relies on the yt-dlp executable available in the user's PATH, while the registry metadata declares no required binaries or install specification.
nohup yt-dlp \
Declare yt-dlp as a required binary, document trusted installation sources, and consider version guidance or pinning.
