YouTube API

Security checks across malware telemetry and agentic risk

Overview

This is mostly a YouTube data API skill, but it quietly includes channel email lookup tools without clear privacy or authorized-use limits.

Review carefully before installing. Use the email lookup endpoints only for lawful, authorized purposes, avoid bulk collection or unsolicited outreach, and make sure you trust AGNTDATA with your API key and the YouTube queries, channel IDs, URLs, and use-case details you submit.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The manifest description says the skill is for YouTube data, search, and trends, but the documented tool set also includes endpoints to retrieve channel email addresses. That materially expands the skill’s capability into personal/contact data collection, which can mislead users, reviewers, and policy systems about what the skill can do. The mismatch is especially risky because email extraction is a higher-sensitivity function than ordinary video metadata retrieval.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill encourages sending queries, channel identifiers, research targets, and other usage data to a third-party API but does not warn users that potentially sensitive research or account data will leave the local environment. In an agent context, this can cause unintentional disclosure of investigative targets, proprietary workflows, or monitored accounts to an external service.

Missing User Warnings

High

Confidence: 98% confidence
Finding: The skill documents tools for obtaining channel email data without any warning about consent, authorization, anti-scraping/privacy rules, or acceptable-use constraints. Providing contact-data retrieval as a normal feature can facilitate targeted scraping, spam, phishing, or deanonymization workflows, especially when embedded into autonomous agents.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal