ClawHub

youtube-channel-api-skill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: use a BrowserAct API key to fetch structured YouTube channel search results, with no evidence of hidden persistence, destructive behavior, or unrelated data access.

Install this only if you intend to use BrowserAct for YouTube channel research. Set the API key as an environment variable rather than pasting it into chat, avoid confidential search terms unless you are comfortable sharing them with BrowserAct, monitor API quota, and stop the process manually if polling appears stuck.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill invokes a Python script, requires an environment secret (`BROWSERACT_API_KEY`), and is designed to call an external API, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or platform may allow execution without clearly signaling to users that network access and secret consumption will occur.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The description tells the agent to 'proactively apply this skill' across a wide range of loosely related user intents, without clear boundaries or consent requirements. That can cause the agent to invoke an external API and transmit user-supplied queries unexpectedly, increasing the risk of overreach, privacy leakage, and unintended actions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends user-supplied search keywords and a bearer API credential to BrowserAct, a third-party external service, without any explicit user-facing disclosure, consent prompt, or data-handling notice. In an agent skill context, this is security-relevant because users may not realize their query data is being transmitted off-platform to an external vendor, creating privacy, compliance, and trust risks even though the transmission appears to be part of the intended functionality.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal