ClawHub

Youtube Transcript Fetcher

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed remote YouTube transcript fetcher, with privacy considerations around third-party processing and temporary cloud-hosted transcript files.

Install only if you are comfortable sending YouTube video URLs or IDs to AgentPMT and receiving transcript output as a temporary signed cloud file. Avoid private, confidential, or regulated video content unless AgentPMT's storage and retention terms are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The activation keywords are broad and include generic phrases like summarization, accessibility, and video URL/video ID terms that could cause an agent to invoke this skill in contexts where the user did not specifically consent to sending content to a third-party service. This is risky because the tool transmits request data externally and returns transcript data via cloud-hosted files, so accidental invocation can create privacy and data-handling issues.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill description does not prominently warn that transcript output is stored in cloud storage and exposed through a signed download URL rather than returned inline. Users or downstream agents may assume local or ephemeral processing and unintentionally send sensitive video-derived content into external storage, increasing privacy and retention risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The action description states that the transcript is saved to cloud storage and returned via a signed download URL, but the overall skill description does not prominently warn users that fetched content is persisted outside the immediate tool response. This can mislead users into submitting sensitive or private video URLs under the assumption of transient processing, creating confidentiality and data-retention risk if transcripts contain non-public or regulated content.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal