ClawHub
Back to skill

Security audit

YOUKU Video Details API

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a straightforward API wrapper, with a credential-handling weakness users should understand before use.

Install only if you are comfortable with the API token being placed in request URLs. Use a least-privilege token, avoid sharing logs or screenshots that include request URLs, and rotate the token if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill requires the API token to be supplied as a query parameter and then appends it into the URL. Query-string secrets are commonly exposed through logs, monitoring systems, browser/history equivalents, intermediary proxies, and error reporting, making credential disclosure more likely than if the token were sent in an Authorization header. In this skill context, the risk is real because the code is a generic API wrapper and offers no warning, masking, or safer alternative for handling credentials.

Missing User Warnings

Low
Confidence
91% confidence
Finding
The operation documentation requires a `token` query parameter but does not warn users that an authentication secret is being transmitted, which can lead to accidental exposure in logs, browser history, shared URLs, and monitoring tools. In this skill context, the risk is somewhat elevated because query-string tokens are especially easy for integrators and agent frameworks to mishandle if the documentation does not explicitly call out the sensitivity of the parameter.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.secret_argv_exposure

Instructions pass high-value credentials through process argv.

Critical
Code
suspicious.secret_argv_exposure
Location
SKILL.md:41