Trust Assessment
youtube-api received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 6 critical, 0 high, 1 medium, and 0 low severity. Key findings include Persistence / self-modification instructions, Skill performs file system write operations.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings7
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/youtube-api/scripts/tapi-auth.js:467 | |
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/youtube-api/scripts/tapi-auth.js:468 | |
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/youtube-api/scripts/tapi-auth.js:472 | |
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/youtube-api/scripts/tapi-auth.js:473 | |
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/youtube-api/scripts/tapi-auth.js:581 | |
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/youtube-api/scripts/tapi-auth.js:688 | |
| MEDIUM | Skill performs file system write operations The `tapi-auth.js` script, executed by the `node` binary, uses Node.js `fs` module functions (`fs.mkdirSync`, `fs.copyFileSync`, `fs.writeFileSync`) to create a directory and write/backup configuration files (`~/.openclaw/openclaw.json`, `~/.openclaw/openclaw.json.bak`) in the user's home directory. While the target files are specific and declared in the skill's manifest, direct file system writes by an untrusted skill can pose a risk if the target paths were less constrained or if the content written could be malicious. This capability allows the skill to modify the user's local environment. Ensure the skill's scope for file system access is strictly limited to necessary configuration files and that the content written is always controlled and non-executable. Consider sandboxing file system operations if possible to prevent unintended modifications or privilege escalation. | LLM | scripts/tapi-auth.js:209 |
Scan History
Embed Code
[](https://skillshield.io/report/11d3821b77c17983)
Powered by SkillShield