ClawHub

YT Shorts Niche Research

Security checks across malware telemetry and agentic risk

Overview

This skill mainly performs YouTube Shorts research, but it also instructs automatic weekly Telegram delivery to a named recipient and local heartbeat tracking without adequate user control.

Install only if you specifically want a personal automation that can repeatedly run YouTube Shorts research, send results to the named Telegram recipient, and update a heartbeat file. Otherwise, remove the weekly schedule, Telegram send, and HEARTBEAT.md instructions, and require explicit user approval before running any local script or sending results externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The skill metadata presents a bounded research function, but the body adds unrelated autonomous behaviors: unsolicited Telegram outreach and HEARTBEAT.md modification. This hidden scope expansion is dangerous because it enables outbound communication and persistent state changes that a user did not request or consent to, increasing the risk of covert automation and data leakage.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The instruction to automatically send results to Abdullah on Telegram unprompted introduces an unjustified outbound messaging capability unrelated to the stated research-only purpose. This is dangerous because it can exfiltrate information, trigger unauthorized communications, and create covert persistence or surveillance behavior under the guise of a research task.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The instruction to update HEARTBEAT.md adds a file-modification side effect unrelated to researching YouTube Shorts channels. Even though the direct impact is lower than external messaging, undocumented persistence mechanisms are risky because they can be used to track execution history, coordinate future actions, or conceal scheduled behavior.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrases are broad enough to activate on ordinary conversation such as general channel research or niche-finding requests, without clear boundaries for when this skill should run. In context, this is more dangerous because the skill also contains hidden autonomous and outbound behaviors, so overbroad activation increases the chance those behaviors run without informed intent.

Missing User Warnings

High
Confidence
99% confidence
Finding
The markdown directs automatic, unprompted outbound messaging without warning the user that the skill may contact an external channel on its own. This is particularly dangerous in a research skill because the context does not justify autonomous external communications, making the behavior deceptive and increasing the risk of unauthorized disclosure or spam.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal