Security audit

summerizeryoutube

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward YouTube summarizer that uses a local backend. Its storage and tool-use risks are disclosed well enough to call for installation guidance rather than a security hold.

Install this only if you intentionally run and trust the localhost:8000 backend. Before using it with sensitive, private, or copyrighted videos, check how that backend fetches transcripts, where embeddings are stored, how long data is retained, and how it can be deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (91% confidence)
Finding
The system prompt uses broad routing rules like 'If user sends YouTube link call process_video' and 'If user asks question call retrieve_chunks' without clear scope checks, consent boundaries, or constraints on when tool invocation is appropriate. This can cause unintended tool calls on loosely matched inputs, increasing the chance of unnecessary processing, privacy issues, or misuse of local services through prompt-triggered behavior.

Missing User Warnings

Medium (94% confidence)
Finding
The skill explicitly states that transcripts are fetched, chunked, embedded, and stored in a vector database, but it provides no user-facing notice, consent flow, or data handling limitations. That creates a real privacy and data-governance risk because users may supply videos containing sensitive or copyrighted transcript content without understanding that the content may be persisted or transmitted to external systems.

VirusTotal

66/66 vendors flagged this skill as clean.
