Trust Assessment
youtube-playlists received a trust score of 92/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 3 findings: 0 critical, 0 high, 1 medium, and 1 low severity. Key findings include Insecure deserialization of OAuth tokens using pickle, Broad YouTube API scope requested, Unpinned Python dependencies.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Insecure deserialization of OAuth tokens using pickle The skill uses Python's `pickle` module to serialize and deserialize OAuth tokens (`token.pickle`). `pickle` is known to be insecure against maliciously constructed data. If an attacker can replace or modify the `token.pickle` file, they could achieve arbitrary code execution when the skill attempts to load the token, potentially leading to credential compromise or system takeover. Replace `pickle` with a more secure serialization format (e.g., JSON with encryption for sensitive data). Ensure strict file permissions on `token.pickle` to prevent unauthorized modification. Consider using a dedicated credential management system. | LLM | scripts/yt_playlist.py:36 | |
| LOW | Unpinned Python dependencies The skill imports `google_auth_oauthlib` and `googleapiclient` but does not specify exact versions for these dependencies (e.g., in a `requirements.txt` file). This can lead to supply chain vulnerabilities if a new version of a dependency introduces breaking changes, security flaws, or malicious code. Unpinned dependencies make the skill susceptible to 'dependency confusion' or 'dependency hijacking' attacks. Create a `requirements.txt` file and pin all Python dependencies to specific, known-good versions (e.g., `google-auth-oauthlib==X.Y.Z`). Use a tool like `pip-compile` or `poetry` to manage dependencies deterministically. | LLM | scripts/yt_playlist.py:15 | |
| INFO | Broad YouTube API scope requested The skill requests the `https://www.googleapis.com/auth/youtube` scope, which grants full read/write access to the user's YouTube account, including managing playlists, videos, and subscriptions. While this may be necessary for the skill's stated functionality (managing playlists), it represents a high-privilege permission. If the skill were to be compromised, an attacker would gain extensive control over the user's YouTube account. Users should be aware of the broad access granted. If possible, narrow down the API scopes to the minimum required permissions for the skill's functionality. If the broad scope is unavoidable, ensure the skill's code is thoroughly secured against other vulnerabilities to prevent misuse of this extensive access. | LLM | scripts/yt_playlist.py:23 |
Scan History
Embed Code
[](https://skillshield.io/report/da949face450272e)
Powered by SkillShield