I’m building a site that will use youtubeAPI to keep track of playlist changes.
In order for 3rd party to use it I would supply a dialog box in which user would type his/hers playlistID – this would be read and then put as an argument into bash script that in turn runs curl/python scripts to connect with API (ran on my machine) and another bash script that would mkdirs on my disk.
Does this potentially endanger me/my files somehow ?
Can someone input some magic command that would do “rm * -f” or similar malicious endeavor ?
Should I use some external server instead of my machine ?
I know nothing about security, Ive read few topics here but didnt find similar problem.