YouTube Music Cast

Security checks across malware telemetry and agentic risk

Overview

The skill is consistent with its stated purpose, local music casting, but it requires a Home Assistant access token and a local media server, both of which users should handle carefully.

Install only if you trust the source of any scripts the skill references. Home Assistant long-lived access tokens carry the full permissions of the user account that created them, so the least-privilege option is to create a dedicated non-administrator Home Assistant user for the skill and generate the token under that account. Keep ~/.youtube-music-cast/config.sh readable only by your own account, revoke the token in Home Assistant if it is ever exposed, and run the media server only on networks you trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger phrases are broad and overlap with common user intents such as 'download music' and 'play music,' which can cause accidental invocation. In a skill that downloads remote content, starts a web server, and controls Home Assistant media devices, unintended activation can lead to unwanted network activity and device actions.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill asks users to generate and store a Home Assistant long-lived access token but does not provide strong safety guidance on token scope, permissions, storage protections, rotation, or exposure risks. Because that token can control Home Assistant APIs, poor handling could enable unauthorized control of smart-home devices if the file is exposed.
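The overview advises keeping ~/.youtube-music-cast/config.sh private, and the finding above flags the lack of guidance on storage protections for the token inside it. The following is an added example, not code from the skill or from SkillSpector: a POSIX shell check that verifies the token file is a regular file owned by the current user with no group or other permission bits, plus a remediation that tightens it. The config path is taken from the page; the function names and the behaviour are assumptions of this example.

```shell
# check_private_file FILE
# Returns 0 only if FILE is a regular file owned by the current user with no
# group/other permission bits (mode 600 or 700). Otherwise prints the reason
# and returns 1. Written as an added example for this page, not skill code.
check_private_file() {
    f="$1"
    [ -f "$f" ] || { echo "missing or not a regular file: $f"; return 1; }
    # GNU stat (-c) and BSD/macOS stat (-f) take different flags; try both.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f" 2>/dev/null) || return 1
    owner=$(stat -c '%u' "$f" 2>/dev/null || stat -f '%u' "$f" 2>/dev/null) || return 1
    [ "$owner" = "$(id -u)" ] || { echo "not owned by uid $(id -u): $f"; return 1; }
    # The last two octal digits are the group and other bits; any set bit means
    # another account on this host can read the Home Assistant token.
    case "$mode" in
        *00) return 0 ;;
        *)   echo "mode $mode is too open for $f (expected 600)"; return 1 ;;
    esac
}

# restrict_private_file FILE
# Remediation: drop group/other bits so only the owner can read the token,
# then re-run the check so the caller gets a definitive answer.
restrict_private_file() {
    chmod 600 "$1" && check_private_file "$1"
}

# check_skill_config [FILE]
# Wrapper for the config path the page says the skill uses (assumed default).
check_skill_config() {
    check_private_file "${1:-$HOME/.youtube-music-cast/config.sh}"
}

# Usage: source this file, then run `check_skill_config` before starting the
# skill, or `restrict_private_file ~/.youtube-music-cast/config.sh` to fix it.
```

Run the check once after creating the config file and again after any copy, sync or backup step, since those commonly reset permissions. The check is deliberately strict about ownership as well as mode: a file owned by another user with mode 600 is still readable by that user.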

VirusTotal

None of the 63 VirusTotal vendors flagged this skill (63/63 reported it clean).