jl-video-downloader

The skill bundle performs high-risk system modifications, including modifying shell configuration files (~/.bashrc or ~/.zshrc) to source environment variables and using 'curl | sh' to install the 'uv' tool in 'scripts/setup.sh'. Additionally, 'scripts/download.sh' uses 'eval' to execute a constructed command string containing user-supplied URLs and arguments, which creates a shell injection vulnerability. While these actions are documented and support the tool's stated purpose of video downloading and transcription, the use of persistence mechanisms and unsafe execution patterns meets the threshold for a suspicious classification.