ClawHub

YouTube Publisher

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate YouTube uploader, but it gives an agent durable authority to publish or modify YouTube channel content without a required confirmation step.

Install only if you are comfortable granting this skill reusable access to your YouTube channel. Keep uploads private by default, explicitly confirm the file path, account/channel, title, description, tags, thumbnail, playlist, and privacy setting before each upload, and revoke or delete the stored token if you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation clearly describes network access to YouTube APIs and local file writes for OAuth tokens, thumbnails, and uploads, but it does not declare corresponding permissions. Missing permission declarations undermine least-privilege review and can cause users or orchestrators to invoke a skill with capabilities they were not explicitly warned about.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The example invocation phrase is broad natural language that resembles ordinary conversation, which increases the chance of accidental triggering by an agent. Because the skill performs an external side effect—uploading content to YouTube—ambiguous activation can lead to unintended publication or data transfer.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation explains how to upload and even publish publicly, but it does not prominently warn that videos, thumbnails, titles, descriptions, tags, and playlist choices are sent to YouTube and may become publicly visible. Users may therefore underestimate the privacy and publication consequences of invoking the skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal