ClawHub

Banner Youtube Translate Workflow

Security checks across malware telemetry and agentic risk

Overview

This skill describes a legitimate YouTube translation workflow, but it would run an external absolute-path Python script that is not included for review.

Install only if you trust and can inspect the external workflow.py and the helper skills it chains. Expect it to download YouTube audio, automate Doubao on a visible Windows desktop, play audio, and save audio/transcript files locally; avoid private or sensitive videos unless that local processing and retention are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The activation text says the skill activates when the user 'needs full video translation,' which is broad and can match many unrelated requests. Ambiguous triggers increase the chance the agent invokes a workflow that downloads external content, launches GUI automation, and creates files without sufficiently explicit user consent.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill describes a workflow that downloads YouTube audio, launches another application, plays media, and writes output files, but it does not clearly warn the user about these side effects. Missing disclosure can lead to unexpected network access, local file creation, and GUI automation on the user's machine, which is risky in an agentic environment.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
The documented translation modes are all Chinese-oriented and the default is '双语,' implying language behavior that may not match the user's locale or preferences unless they opt in. While not inherently a severe security issue, forced locale/language assumptions can cause unintended data handling, misleading output, and poor user consent around processing preferences.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal