Kai YouTube

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it downloads YouTube audio, transcribes it locally, and saves the audio and transcript in a workspace folder.

Install only if you are comfortable with local yt-dlp and Whisper processing YouTube URLs and storing audio/transcripts on disk. Use normal trusted YouTube links, monitor disk usage for long videos, and delete saved media when no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrases include very generic terms such as "youtube," "watch this video," and "what does this video say," which are likely to appear in ordinary conversation and can cause the skill to activate unintentionally. Because this skill downloads remote media and writes files into the workspace, accidental invocation can lead to unintended network access, storage consumption, and processing of untrusted external content.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill description explains functionality but does not prominently warn users that it will fetch content from the internet and persist audio and transcript files under the workspace directory. In an agent setting, lack of clear disclosure increases the chance of users triggering external downloads and local data creation without informed consent, which can have privacy, storage, and trust implications.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal