ClawHub
Back to skill

Security audit

Video Transcript Downloader

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but its unrestricted yt-dlp argument passthrough can let a prompt or user request make yt-dlp run arbitrary commands.

Install only if you trust the skill and will review commands before running them. Avoid using the extra yt-dlp argument passthrough unless you understand the option being passed, and do not allow web page content or untrusted prompts to choose arguments such as --exec or output paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The manifest description contains broad trigger phrases like 'download this video', 'save this clip', and 'get transcript', which can match ordinary user requests without clearly signaling that the skill will fetch remote content and write files locally. That increases the chance of unintended invocation, causing unreviewed network access, media downloads, or local storage changes in contexts where the user did not explicitly consent to those actions.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill description explains how to download video, audio, subtitles, and transcripts but does not warn that it contacts external sites and writes downloaded media/transcript data to local storage. In this context, that omission is meaningful because users may trigger the skill for a simple information request and not realize it will perform network retrieval and persist content on disk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal