Back to skill

Security audit

YouTube Memberships Level

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow YouTube membership-level listing helper, but it requires sensitive OAuth files that users must protect.

Install only if you are comfortable giving the yutu CLI OAuth access to your YouTube account. Keep `client_secret.json` and `youtube.token.json` out of git and shared folders, avoid pasting raw secrets into shell commands or logs, prefer private file paths or a secret manager, and revoke or rotate the OAuth credentials if exposure is suspected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The setup guide instructs users to download OAuth client credentials and store an access token locally, but it does not warn that these files are sensitive secrets that should not be committed, shared, or left with broad filesystem permissions. In a skill meant to guide users through setup, omission of basic secret-handling guidance can directly lead to credential disclosure and unauthorized access to the user's YouTube account or API project.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Documenting support for passing OAuth client secrets and cached tokens as raw base64 or JSON through environment variables increases the chance that users will place secrets directly into shell commands, CI variables, logs, crash reports, or process listings. Without any warning about those exposure channels, the documentation normalizes an unsafe secret-handling pattern that can leak long-lived credentials.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.