Back to skill

Security audit

dataify-youtube-transcript-by-id

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Dataify helper for submitting YouTube transcript jobs, with no hidden local access, silent persistence, or unrelated data transfer found.

Install this if you intend to use Dataify for YouTube transcript collection by video ID. Be aware it may use a saved DATAIFY_API_TOKEN to create Dataify tasks, so review the parameters before submission and only save the token locally if you are comfortable with future reuse.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill instructs the agent to access a locally saved environment token and make outbound network requests, but it declares no permissions or equivalent disclosure. This creates a capability/consent gap: users may not realize the skill can consume local secrets and contact an external API on their behalf.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger description is overly broad, including generic action verbs like collect/scrape/crawl/fetch/extract and wide Chinese equivalents. This can cause the skill to activate on loosely related requests, increasing the chance of unintended external task submission, unnecessary token handling, or data exfiltration workflows being invoked when the user did not clearly intend to use this specific Dataify integration.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill enables implicit invocation but does not define a narrowly scoped activation condition in the file itself, increasing the chance the agent will auto-trigger on loosely related user requests. In this context, that can cause unintended submission of external Dataify transcript collection tasks, potentially sending user-supplied video identifiers or related request data to a third-party service without sufficiently explicit user intent.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- If the user provides a token in the request, use it for this run.
- If no token is provided, first check whether `DATAIFY_API_TOKEN` is already saved locally in the environment.
- If `DATAIFY_API_TOKEN` is saved locally, use it without asking the user to re-enter the token.
- If no token is available locally, tell the user they need to provide a Dataify API TOKEN.
- If the user does not have an API TOKEN, tell them they can register or log in at [Dataify](https://dashboard.dataify.com/login?utm_source=skill) to get one.
- If the user already has an API TOKEN, tell them it is available in the top-right area of [Dataify](https://dashboard.dataify.com?utm_source=skill).
Confidence
80% confidence
Finding
without asking

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.