Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bootleg Link

v1.0.1

Download music from YouTube channels/playlists and convert to 320kbps MP3. Supports batch processing, resume interrupted downloads, and concurrent downloading.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name, description, and instructions all describe downloading and converting YouTube audio and only require yt-dlp and ffmpeg. However, the bundle includes scripts/bootleg-ssh.sh which implements multiple SSH tunneling methods (websocket bridging, DNS tunnel via iodine, HTTP CONNECT proxy, SSH-over-443). An SSH tunneling utility is not required or explained by the downloader's purpose and is therefore an incoherent and disproportionate inclusion.
Instruction Scope
The SKILL.md instructions themselves are focused on downloading and conversion and only reference yt-dlp, ffmpeg, and optional mutagen. They declare a few BOOTLEG_* environment variables for output and concurrency. The README does not instruct the agent to run the SSH tunneling script, but the script is bundled in the package and expands what a user/agent could run — enabling covert/proxy network channels and requiring additional binaries (websocat, iodine, nc). This increases scope beyond what the documentation states.
Install Mechanism
This is an instruction-only skill (no install spec). That minimizes automatic disk changes at install time. The SKILL.md recommends pip-installing yt-dlp and mutagen, which is proportional for the stated functionality.
Credentials
The skill declares no required credentials and only a few benign configuration env vars (output dir, quality, concurrency, archive file). One minor oddity: the default BOOTLEG_OUTPUT_DIR is /mnt/e/..., which looks like a Windows-mounted drive path and may be inappropriate on many Linux/macOS hosts (could lead to unexpected write locations). No secret or cloud credentials are requested.
Persistence & Privilege
The skill is not forced-always and does not request elevated platform privileges. It does not attempt to modify other skills or system-wide agent configs. The included shell script may suggest commands that need sudo (iodine), but the skill metadata does not request persistence or elevated privileges by itself.
What to consider before installing
The core downloader instructions look coherent and proportional for a yt-dlp + ffmpeg-based tool. However, the included scripts/bootleg-ssh.sh is unrelated to downloading and provides multiple tunneling options (websocket bridge, DNS tunnel, HTTP proxy, SSH-over-443). Before installing or running this skill:
1) Verify the skill's origin — the source/homepage is unknown.
2) Inspect or remove scripts/bootleg-ssh.sh if you don't need it; do not run it unless you understand the networking implications.
3) Avoid running the script with sudo; it references tools (websocat, iodine, nc) that may need separate review.
4) Consider running the skill in a sandbox/VM or container and review where the default output directory points (the default /mnt/e/... may be unintended).
5) Remember downloading YouTube content can violate service terms or copyright law — ensure you have the right to download the media.
If you cannot confirm why the SSH tunneling script is included, treat the package as untrusted.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🎵 Clawdis
OS: Linux · macOS
Bins: yt-dlp, ffmpeg
