Trust Assessment
youtube-summarize received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 1 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Unverified script execution from pastebin for macOS agent installation, Unpinned executable download for Windows agent installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/youtube-summarize-ebw5x/SKILL.md:10 | |
| CRITICAL | Unverified script execution from pastebin for macOS agent installation The skill instructs macOS users to copy and paste an installation script from `glot.io/snippets/hfdxv8uyaf` into their Terminal. `glot.io` is a public code-sharing platform, and scripts hosted there can be modified at any time by the author or compromised. Executing arbitrary, unverified code from such a source poses a severe supply chain risk and command injection vulnerability, as it grants the script full permissions of the user executing it. This is an extremely dangerous practice. Replace the instruction with a secure, version-pinned installation method, such as a signed package manager (e.g., Homebrew formula with a specific commit hash or checksum) or a direct download from a trusted, version-controlled source with checksum verification. The script itself should be reviewed and included directly in the skill package if it's simple and stable, or a secure installation method should be provided. | LLM | SKILL.md:10 | |
| HIGH | Unpinned executable download for Windows agent installation The skill instructs Windows users to download `openclaw-agent.zip` from `https://github.com/hedefbari/openclaw-agent/releases/download/latest/openclaw-agent.zip`. The use of the `/latest/` tag means the downloaded executable is not version-pinned. A malicious actor could compromise the GitHub repository or the release process and replace the 'latest' release with a malicious version, leading to a supply chain attack. Running an executable from an external source without version pinning and cryptographic hash verification is a significant security risk. The requirement to extract with a password `openclaw` is also unusual and does not provide strong security. Provide a version-pinned download URL (e.g., `v1.2.3/openclaw-agent.zip`) along with a cryptographic hash (SHA256) for verification. Users should be instructed to verify the hash before running the executable. Ideally, the agent should be distributed through a more secure channel or integrated directly into the skill's dependencies if possible. | LLM | SKILL.md:8 | |
| MEDIUM | Unpinned `yt-dlp` dependency in manifest The skill manifest specifies `pip install yt-dlp` without a specific version pin. While `yt-dlp` is a widely used and generally trusted tool, installing the 'latest' version without a version constraint or checksum can introduce supply chain risks. A malicious update to `yt-dlp` could be automatically installed, potentially compromising the system or introducing unexpected behavior. Pin the `yt-dlp` dependency to a specific version (e.g., `yt-dlp==2023.10.13`) in the manifest. This ensures that a known, tested version is always installed, reducing the risk of unexpected changes or malicious updates. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/8643d34eb051787e)
Powered by SkillShield