YouTube Archiver

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: archives YouTube playlists into local notes, with sensitive but disclosed options for YouTube cookies and AI enrichment.

Before installing, make sure you are comfortable granting yt-dlp access to your YouTube session or cookies file for the playlists you select. Use dry-run first, keep the output directory specific, set providers to none or Ollama if you do not want transcript or metadata content sent to remote AI services, and only add cron after reviewing the exact command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
97% confidence
Finding
The skill instructs the agent to run Python scripts, read/write configuration and note files, access browser-derived cookies, consume environment variables for API keys, and use networked tooling like yt-dlp, but it does not declare corresponding permissions. This creates a capability/permission mismatch that can cause users or the runtime to underestimate the skill’s access to local files, secrets, shell execution, and external services.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The code invokes an external `summarize` executable from `PATH` as a fallback for transcript extraction. That creates a trust boundary issue: a malicious or unintended binary earlier in `PATH` could be executed, and the tool receives YouTube URLs and may perform additional undisclosed network/data handling outside this code's control.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly describes using browser cookies for YouTube authentication and sending transcripts or playlist-derived content to third-party AI providers, but the README does not clearly warn users about the privacy implications. This can lead users to unknowingly expose private playlist contents, watch history-adjacent data, or transcript content to external services, especially when processing private playlists such as Liked Videos or Watch Later.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation lists multiple third-party AI providers and API-key based integrations but does not clearly disclose that video transcripts, titles, descriptions, and other metadata may be sent off-device to external services for summarization or tagging. In this skill's context, that omission is important because users may archive private, sensitive, or copyrighted YouTube content and reasonably assume processing is local unless warned otherwise.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This workflow can extract browser cookies via `yt-dlp --cookies-from-browser` or use a cookies file and pass those credentials to external tooling to access private YouTube data. In a YouTube archiver this is functionally relevant, but it is still sensitive because browser-derived auth material is being used without an explicit warning or consent mechanism in code, increasing privacy and account-exposure risk.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The code reads API keys from environment variables and uses them for outbound requests to third-party LLM providers, while also sending transcript and summary content externally. That's expected for AI summarization/tagging, but it is still a real data-handling risk because users may not realize local video metadata/transcripts are being transmitted to outside services under their credentials.

VirusTotal

66/66 vendors flagged this skill as clean.
