Bootleg-Link MCP

VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If this configuration is copied or active, requested media URLs and download traffic could be sent through an unknown proxy, or the skill may fail on systems that cannot reach that private address.

Why it was flagged

The repository guidance shows an OpenClaw gateway configuration that would route download traffic through a specific private/plaintext proxy whose owner and data boundary are unclear.

Skill content

"BOOTLEG_HTTP_PROXY": "http://100.64.0.3:1081", "BOOTLEG_HTTPS_PROXY": "http://100.64.0.3:1081"

Recommendation

Remove the hard-coded proxy from published guidance, require users to supply their own proxy if needed, and clearly declare any proxy environment variables and data-flow implications.

What this means

A large playlist or channel download could use significant storage and network resources.

Why it was flagged

The tool lets the agent submit URLs or channels for download and choose an output directory, which is central to the skill but can create many files and consume bandwidth/disk space.

Skill content

`submit_download_task` | Submit a YouTube URL/channel for audio download ... "outputDir": "/path/to/output"

Recommendation

Use a dedicated output directory, confirm large downloads before starting them, and monitor queue size and disk usage.

Note (High Confidence)

ASI10: Rogue Agents

What this means

Downloads may resume after a restart without the user re-submitting the task.

Why it was flagged

The server persists task state and automatically re-queues interrupted or partially completed tasks on restart.

Skill content

if t["status"] == "downloading": t["status"] = "pending" ... elif t["status"] == "failed" and t.get("songsCompleted", 0) > 0: t["status"] = "pending"

Recommendation

Review and cancel unwanted queued tasks before restarting the MCP server, and consider making auto-resume behavior explicit in user-facing documentation.

What this means

Future dependency changes could alter behavior or introduce vulnerabilities.

Why it was flagged

The dependency is unpinned, and the docs also mention manual pip installation; this is common for Python tools but leaves package version and provenance to the installer.

Skill content

yt-dlp

Recommendation

Pin dependency versions, provide a lockfile or reviewed install spec, and install from trusted package sources.