Youtube Transcribe Skill

Security checks across malware telemetry and agentic risk

Overview

This skill can extract YouTube transcripts, but it defaults to using browser session cookies without clear consent.

Review before installing. Use only if you are comfortable letting the agent access browser-authenticated YouTube context. Prefer a no-cookie transcript path for public videos, and require explicit approval before any browser-cookie or browser-automation fallback is used.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The skill instructs use of `yt-dlp --cookies-from-browser=chrome` to extract authentication cookies from the local browser profile, even though transcript extraction does not inherently require access to a user's browser session data. This expands the skill from simple content retrieval into accessing sensitive local session material, which can expose authenticated state and private account context without clear necessity or user consent.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The instructions recommend browser cookie extraction as the default behavior without a user-facing warning that local browser session data will be accessed. That creates a privacy and security risk because the skill normalizes access to sensitive authentication material for a task that is often possible anonymously.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal