Security audit

YouTube Upload Videos Skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: upload user-selected videos to YouTube through Google OAuth, with no hidden unrelated behavior found.

Install only if you are comfortable granting YouTube upload permission to this skill. Keep client_secret.json and token.pickle private, avoid committing or sharing them, run uploads only from trusted folders, confirm the target video and privacy setting before each upload, and delete token.pickle or revoke the Google OAuth grant when you no longer need the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding
The skill explicitly performs network operations against the YouTube Data API but does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or platform may allow the skill to run without clearly surfacing that it can send data off-host, including uploaded video content and metadata, to an external service.

Missing User Warnings

Medium
Confidence: 90%
Finding
The README explicitly states that a reusable `token.pickle` is created and that subsequent uploads run silently, but it does not warn users that this token grants ongoing YouTube upload capability and must be protected. In an agent-executed skill context, silently reusable OAuth credentials increase the risk of unauthorized uploads or account abuse if the local environment, skill directory, or token file is exposed.

VirusTotal

62/62 vendors flagged this skill as clean.
