Dataify Youtube Profiles

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-built for Dataify YouTube profile collection, but it combines external API use, a local API token, and broad implicit invocation without enough declared scoping or user control.

Review before installing. Only use this skill if you intend to send YouTube profile collection parameters to Dataify using your DATAIFY_API_TOKEN. Prefer explicit invocation, confirm each external task before submission, and make sure the token has limited scope or quota because accidental calls could consume API credits or collect data you did not intend to request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill instructs the agent to read a locally saved environment variable (`DATAIFY_API_TOKEN`) and make outbound network requests to a third-party API, but it declares no permissions for those capabilities. That creates a trust and containment problem: a caller may invoke the skill without realizing it can access local secrets and transmit data externally. In this context, the capability use is functionally expected for the skill's purpose, but the missing declaration still makes it dangerous because secret access and exfiltration paths are not explicitly surfaced to the platform or user.

Vague Triggers

Medium
Confidence: 87%
Finding:
The skill metadata enables implicit invocation and describes broad trigger conditions around YouTube profile collection, which can cause the agent to invoke this skill on underspecified requests without clear user intent confirmation. In a skill that submits external Dataify Builder tasks and may use API tokens, accidental invocation can trigger unintended data collection requests, privacy-impacting actions, or unnecessary use of external credentials and quota.

VirusTotal

65/65 vendors flagged this skill as clean.
