I see tools like youtube-dl (and its successor yt-dlp) recommended a lot in privacy circles; for example, it was mentioned by Michael Bazzell in his “Linux Lifestyle” article in the latest edition of Unredacted Magazine.
How safe are tools like this? Is there any risk of downloading malware? I assume that Google has good security practices and probably scan files before allowing them to be uploaded.
I also notice that in downloading something using yt-dlp through the command line, it first downloads the webpage, then creates the mp3 or mp4, and then deletes the webpage. Does this run the risk of downloading ads or something?
Nothing is 100% secure, but I think the risk would be quite low. How someone would get malware to persist in a YT video after it’s been processed is beyond me.
If you mean ads on the webpage then no, because yt-dlp is not a browser and doesn’t need to load every single thing or run JS (which is used to show you ads). From what I understand, it only parses data it needs from the webpage after downloading it. yt-dlp also won’t include any video ads, if that’s what you mean.
youtube-dl is active, youtube-dlc (a fork) is inactive, and yt-dlp (based on youtube-dlc) is active. What I meant was that yt-dlp has more features than youtube-dl, and that might be why people recommended it.