ClawHub

OpenClaw YouTube Upload

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it uploads user-selected videos to YouTube using Google OAuth, with a reusable local token that users should protect.

Install only if you want an agent to upload videos to the chosen YouTube account. Confirm the file, title, description, and privacy setting before each upload, especially public uploads. Keep client_secret.json and token.pickle private, avoid committing them to source control, and delete token.pickle or revoke Google access when you no longer want reusable upload permission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill explicitly performs YouTube uploads via the API, which requires outbound network access, but no corresponding permission declaration is documented. This creates a transparency and governance gap: operators may invoke a network-capable skill without clear disclosure of that capability or appropriate review controls.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README explicitly states that after first-time consent, uploads will run silently and automatically, but it does not clearly warn that the persisted OAuth token grants ongoing upload capability without fresh user confirmation. In an agent-executed skill, that omission is security-relevant because users may not realize the agent can continue publishing videos later using the stored token.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation states that OAuth credentials and a locally generated token.pickle are used, but it does not warn that these artifacts grant access to the user's YouTube account and must be protected. Users may store them insecurely, commit them to source control, or leave them readable by other local users, enabling account misuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal