MTV Rewind
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill appears benign: it mainly gives users a link or Telegram web-app button for an external MTV-style video player.
This looks safe to install as a simple link-based entertainment skill. Be aware that it sends users to wantmymtv.xyz, and only use the global install option if you want all of your agents to have access to it.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When invoked, the agent may send or open a third-party website for the user.
The skill relies on a remote website outside the package. That is purpose-aligned for a video player link skill, but users should recognize that playback content comes from that external domain.
This skill works entirely by directing users to `https://wantmymtv.xyz/player.html`.
Use the skill only if you are comfortable visiting wantmymtv.xyz, and avoid entering sensitive information on the external site unless you trust it.
On Telegram, the agent may send a button that opens the MTV Rewind web player instead of only replying with plain text.
The skill instructs the agent to use a communication tool to send an interactive button. This is expected for the stated use case and is limited to the player URL.
If your agent has access to the `message` tool with inline button support, send a message with a `web_app` button to open the player natively inside Telegram
Ensure the skill is used only in chats where users requested the player, and verify the button URL before opening it.