ClawHub

YouTube Transcript (yt-dlp)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a coherent YouTube transcript helper, with disclosed local caching and optional YouTube cookie use.

Install only if you are comfortable running a local Python script that invokes yt-dlp and contacts YouTube. If you provide cookies for restricted videos, treat that cookies file like a login secret, keep it under ~/.config/yt-transcript/, and delete or protect the transcript cache when handling private or members-only content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
97% confidence
Finding
The skill documentation describes use of environment variables, arbitrary file paths, network access, and shell execution via python/yt-dlp, but no permissions are declared. This creates a transparency and policy-enforcement gap: an agent may invoke the skill without users or the runtime being aware that it can read local files, access cookies, and make external requests.

Intent-Code Divergence

Low
Confidence
88% confidence
Finding
The documentation asserts that cookies must be stored under ~/.config/yt-transcript/ for security, yet the interface examples allow --cookies /path/to/cookies.txt and an arbitrary environment variable path. That mismatch can mislead reviewers and users into believing path restrictions exist when they do not, increasing the chance that sensitive browser/session cookies are read from unintended locations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal