ClawHub

Youtube Search Extractor

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it searches YouTube, extracts video links, and saves local results, with privacy and dependency cautions.

Install only if you are comfortable with a global browser-automation dependency contacting YouTube and writing local HTML and link files. Use non-sensitive search terms, review or delete generated HTML before sharing outputs, and prefer pinned dependencies or a reviewed lockfile in stricter environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill advertises link extraction but writes the full fetched HTML to disk, which may include unrelated page content, personalized data, or session-derived information from the browser context. This expands data collection beyond the declared purpose and creates unnecessary local data exposure if files are later accessed, uploaded, or logged.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The skill's stated purpose is link extraction, but it controls an external browser subprocess that can open pages, fetch DOM content, and manipulate browser state. That broader capability increases the trust and attack surface substantially, especially in agent environments where browser tools may have authenticated context or access to sensitive pages.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The README discusses avoiding bans and using proxies, but it does not clearly disclose that the skill sends search queries to YouTube and may expose the user's IP address, search terms, browser fingerprint, and possibly data to proxy operators. In a browser-automation skill, this omission can mislead users about privacy and network-exposure risks, especially when encouraging proxy use.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"node": ">=16.0.0"
  },
  "dependencies": {
    "agent-browser": "latest"
  },
  "devDependencies": {
    "pytest": "^7.0.0"
Confidence
93% confidence
Finding
"agent-browser": "latest"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"agent-browser": "latest"
  },
  "devDependencies": {
    "pytest": "^7.0.0"
  }
}
Confidence
88% confidence
Finding
"pytest": "^7.0.0"

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal