Youtube Channel Monitor

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says at a high level, but it can automatically publish video summaries to external services using a hardcoded Telegram bot and fixed destination.

Review and edit the script before installing. Replace the embedded Telegram bot token and channel ID with your own configuration, confirm whether you want automatic Telegraph publishing enabled, and test manually before adding the hourly cron job.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 81% confidence
Finding
The trigger scenarios are broad enough that the skill may activate in loosely related conversations without a clear user instruction to subscribe, summarize, or publish. In a skill that performs monitoring and external publication, ambiguous activation increases the chance of unintended network actions, subscription changes, or content dissemination.

Missing User Warnings

Medium, 91% confidence
Finding
The description omits a clear warning that the skill can automatically publish generated content to Telegraph and push it to a Telegram channel. Lack of upfront disclosure is risky because users may provide channel links or content expecting local summarization, not automated public or semi-public distribution.

Missing User Warnings

Medium, 86% confidence
Finding
The script sends transcript-derived content to external services, including Jina for translation and Telegraph for publication, without any consent gate, warning, or data-classification check. In a monitoring skill that processes third-party content automatically, this increases the risk of unintentionally exfiltrating sensitive, copyrighted, private, or embargoed material to external providers.

VirusTotal

65/65 vendors flagged this skill as clean.
