MeowMusic YouTube MP3

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent for MeowMusic YouTube fallback work, but it moves browser cookies to a server and changes system packages without enough safety controls.

Install only for a server and browser profile you control. Treat exported YouTube/Google cookies like login credentials: use a dedicated account/profile, a trusted HTTPS or private-network endpoint, real admin authorization, strict file permissions, short retention, and deletion/rotation procedures. Review the bootstrap script before running it on any production host.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
YARA SignaturesMalware Match, Webshell Match, Cryptominer Match
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (8)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill clearly directs use of shell commands, file access, network calls, and environment-dependent tooling, yet it declares no permissions or trust boundaries. That mismatch is dangerous because an agent or user may invoke credential export, package installation, or remote upload behavior without explicit review or consent gates.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill instructs exporting browser cookies and POSTing their contents to a server endpoint without an explicit warning that cookies are authentication material equivalent to session credentials. Uploading them can enable account/session hijacking if the endpoint, transport, logs, or server storage are compromised or misused.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly instructs exporting browser cookies and posting the raw cookie text to a server API, but it does not require a user-facing warning, informed consent, transport/authentication safeguards, or minimization of sensitive data. Browser cookies can carry active session credentials, so transmitting them to another host creates real account-compromise and privacy risk if the server, logs, or transport are exposed.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The guidance explicitly checks for and uses a local YouTube cookie file to authenticate requests, but provides no warning about the sensitivity of exported browser cookies. In this skill's context, which mentions exporting/syncing Windows Chrome cookies to a server, this materially raises risk of credential/session theft, account misuse, and accidental transfer of highly sensitive authentication material into less trusted environments.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: This script performs privileged package installation, adds a new APT repository, writes under /etc, and installs global Python/npm packages without any runtime prompt, dry-run mode, or explicit safety check. In the context of an agent skill, that is risky because execution materially changes the host and expands trust to third-party package sources, so accidental or automated execution on the wrong system could cause system integrity or supply-chain exposure.

Missing User Warnings

High

Confidence: 96% confidence
Finding: The script exports browser cookies and uploads them to a server endpoint, which can transfer active session material for YouTube/Google accounts. In this skill context, that is especially sensitive because the stated purpose is to sync Windows Chrome cookies to a server for server-side media acquisition, creating real risk of account takeover or misuse if the server, token, or transport is compromised.

Credential Access

High

Category: Privilege Escalation
Content: ## Files in this skill - `scripts/install_server_env.sh` — server bootstrap for Node 22, yt-dlp, yt-dlp-ejs, ffmpeg. - `scripts/youtube_cookie_sync.py` — export Chrome/Edge/Firefox cookies and push them to the server. - `scripts/windows/sync_cookie.bat` — Windows double-click wrapper. - `scripts/windows/open_youtube.bat` — helper to open YouTube in Chrome. - `references/cookie-api-and-sync.md` — cookie API contract and usage notes.
Confidence: 98% confidence
Finding: Chrome/Edge/Firefox cookies

YARA rule 'info_stealer': Information stealer patterns (credential harvesting, browser data theft) [malware]

High

Category: YARA Match
Content: --- name: meowmusic-youtube-mp3 description: "Package and reuse the MeowMusicServer-patched YouTube fallback workflow: Windows Chrome cookie export/sync to server, server-side yt-dlp/yt-dlp-ejs/ffmpeg setup, old-source-first with YouTube fallback, and MV-to-MP3 extraction/caching. Use when Claude needs to wire YouTube audio acquisition into MeowMusicServer or a similar music service, debug YouTube download failures, refresh cookies from a Windows Chrome profile, or implement a local-cache MP3 flow from YouTube videos." --- # MeowMusic YouTube MP3
Confidence: 90% confidence
Finding: cookies from a Windows Chrome; cookies from Chrome; cookies-from-browser chrome

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal