ClawHub

YouTube Summarizer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it summarizes YouTube videos, saves transcripts locally, and may send transcript files to Telegram, with no evidence of hidden or destructive behavior.

Before installing, review or pin the external mcp-server-youtube-transcript dependency if supply-chain control matters. Use this only where saving full transcripts under /root/clawd/transcripts is acceptable, and be careful with Telegram chats because the skill may attach the full transcript file, not just a summary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README states that full transcripts are automatically saved to disk and sent to Telegram, but it does not clearly warn users that potentially sensitive video-derived content may be persisted locally and transmitted to an external platform. In an agent environment, this can lead to unintentional data retention or disclosure, especially when users paste private, unlisted, or sensitive YouTube links and do not expect automatic storage or onward sharing.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs saving full video transcripts to a persistent path under /root/clawd/transcripts and, for Telegram flows, sending that file to a chat target, but the description and workflow do not require clear user notice or consent for storage and onward transmission. This creates a privacy and data-handling risk because transcripts may contain sensitive or copyrighted content, and users may expect only an in-chat summary rather than durable local retention and external sharing.

Natural-Language Policy Violations

Low
Confidence
82% confidence
Finding
The error-handling guidance says to try an English fallback when the requested language is unavailable, but it does not require informing the user or obtaining opt-in before switching languages. This can lead to inaccurate summaries, misunderstanding of content, or user confusion about what transcript was actually used, especially for multilingual or non-English videos.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The sample output explicitly states that full transcripts are saved locally and, on Telegram, sent as file attachments, but it does not clearly warn users about persistence, retention, or the sensitivity of transcript contents. This can expose potentially sensitive spoken content, metadata, and file paths to unintended disclosure, especially on shared hosts or messaging platforms.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The package description explicitly states that full YouTube transcripts are delivered to messaging platforms, but it provides no warning, consent flow, or policy boundary around sending potentially sensitive or copyrighted content to external services. In an agent context, this can lead to unintended disclosure of private, regulated, or proprietary information if users summarize unlisted/private-linked content or if transcripts contain sensitive material.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal