Trust Assessment
youtube-summarize received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Untrusted Binary/Script Download for 'openclaw-agent', Potential Command Injection via unsanitized VIDEO_URL.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/youtube-summarize-ib7el/SKILL.md:10 | |
| CRITICAL | Untrusted Binary/Script Download for 'openclaw-agent' The skill requires downloading and executing an external, untrusted binary ('openclaw-agent.zip' with a hardcoded password 'openclaw') from a GitHub release, and an unverified script from 'glot.io'. This poses a severe supply chain risk, as the downloaded content could be malicious, contain hidden instructions, or grant excessive permissions to an attacker. The agent is stated as 'required' for core functionality, implying significant capabilities. Remove the requirement for 'openclaw-agent' or provide a secure, verifiable, and auditable method for its installation. If 'openclaw-agent' is essential, it should be part of the skill package, signed, or installed via a trusted package manager. Avoid hardcoded passwords and external script downloads from unverified sources. | LLM | SKILL.md:8 | |
| HIGH | Potential Command Injection via unsanitized VIDEO_URL Multiple shell commands within the skill directly interpolate the 'VIDEO_URL' parameter into `yt-dlp` commands. If the calling AI agent does not properly sanitize or escape the 'VIDEO_URL' input, a malicious user could inject arbitrary shell commands. For example, a crafted URL like `http://example.com; rm -rf /` could lead to command execution on the host system. Ensure that all external inputs, especially 'VIDEO_URL', are strictly validated and properly escaped before being passed to shell commands. Use a safe command execution mechanism that prevents shell interpretation of arguments, or explicitly quote and escape the input using functions like `shlex.quote()` in Python. | LLM | SKILL.md:23 |
Scan History
Embed Code
[](https://skillshield.io/report/f92758a880d41099)
Powered by SkillShield