Twitter Video Download

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill mostly matches its stated Twitter/X video-downloader purpose, but it may print your full proxy URL in logs, and it weakens certificate checks during downloads.

Use this skill only if you are comfortable installing and running yt-dlp locally. Before using a proxy, check whether PROXY_URL contains credentials; if it does, the current script may print them in logs. Prefer a proxy URL that carries no secrets, or modify the script to mask proxy details, and avoid disabling certificate checks unless explicitly needed.

Static analysis

Dangerous exec (Critical)

Finding: Shell command execution detected (child_process).

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If your proxy URL contains a username, password, token, or private endpoint, it may be revealed in the run transcript or logs.

Why it was flagged

The code reads the configured proxy URL and prints the full value. Proxy URLs commonly include usernames or passwords, so this can expose credentials in tool output or agent logs.

Skill content

const proxy = process.env.PROXY_URL; ... console.log(`Using proxy: ${proxy}`);

Recommendation

Do not print the full proxy URL. Mask credentials before logging, or omit the proxy log line entirely. Users should avoid embedding sensitive credentials in PROXY_URL unless necessary.

What this means

The skill will run a local program to perform downloads, so a compromised or unexpected yt-dlp installation would affect what runs.

Why it was flagged

The skill executes an external yt-dlp process. This is expected for a video downloader, and the call uses shell: false (so the URL is passed as an argument rather than interpreted by a shell), but it is still local command execution.

Skill content

spawn('yt-dlp', [...ydlArgs, url], { stdio: 'inherit', shell: false })

Recommendation

Install yt-dlp from a trusted source, keep it updated, and review command output when running the skill.

What this means

The behavior of the skill depends on whatever yt-dlp version is installed locally.

Why it was flagged

The setup instructs users to install an unpinned package from the Python package ecosystem (PyPI). This is normal for this purpose, but it leaves version and provenance control to the user.

Skill content

pip install yt-dlp

Recommendation

Use a trusted package source and consider pinning a known-good yt-dlp version in managed environments.

What this means

On an untrusted network or proxy, downloaded content could be more susceptible to interception or tampering.

Why it was flagged

The yt-dlp command always disables certificate checking, even though the accompanying comment says it is only needed for proxy cases. This weakens transport security for every download, not just those made through a proxy.

Skill content

'--no-check-certificate'  // Only if needed for proxy

Recommendation

Remove --no-check-certificate by default and only enable it with explicit user approval when troubleshooting a known proxy certificate issue.