ClawHub

YouTube Transcript Fetcher

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed YouTube transcript fetcher whose network access, yt-dlp use, config reading, and JSON output writing fit its stated purpose.

Install this only if you are comfortable with a tool that contacts YouTube directly, invokes yt-dlp, installs PyPI packages, and writes full transcripts to disk. For safer operation, pin or lock dependency versions, review updates to yt-dlp and the Python packages, and choose an output path appropriate for potentially sensitive transcript contents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill declares no permissions, yet its documented behavior and installation metadata clearly require shell execution, network access, and likely file read/write for configs and JSON output. This creates a capability mismatch that can bypass least-privilege review and cause the agent runtime or user to invoke a skill with broader access than expected.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
youtube-transcript-api>=0.6.2
Confidence
95% confidence
Finding
requests>=2.31.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
youtube-transcript-api>=0.6.2
Confidence
95% confidence
Finding
youtube-transcript-api>=0.6.2

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High
Category
Supply Chain
Confidence
90% confidence
Finding
requests

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal