YouTube Summary - Auto Video Summarizer

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public YouTube captions and formats them for the agent to summarize, with no evidence of hidden access, credential use, persistence, or destructive behavior.

Install only if you are comfortable sending provided public YouTube video IDs through the YouTube transcript library. In sensitive environments, review or pin youtube-transcript-api before use, and remember that the actual summary is produced by your agent from the fetched transcript.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 70%
Finding: Without declared permissions the skill's intent is opaque and cannot be validated.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 94%
Finding: This is a mismatch because the description's central promise is automatic subtitle retrieval and summary generation, including different summary lengths and multilingual summarization support. The code only retrieves subtitles via youtube-transcript-api, optionally for a specified language, and cleans/chunks transcript text into a formatted transcript output. There is no implementation of summary generation, no logic for controlling summary length, and no actual multilingual summarization beyond selecting subtitle language. While listing available subtitle languages is related, it is an extra capability not mentioned in the description. The primary purpose implemented is subtitle fetching and transcript formatting, not end-to-end YouTube summarization as declared.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content: youtube-transcript-api>=0.6.0
Confidence: 50%
Finding: youtube-transcript-api>=0.6.0

VirusTotal

65/65 vendors flagged this skill as clean.
