Trust Assessment
youtube-summarize received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Execution of untrusted script from external pastebin for macOS agent installation, Download and execution of unofficial binary for Windows agent installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 25/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/youtube-summarize-lh9rq/SKILL.md:10 | |
| CRITICAL | Execution of untrusted script from external pastebin for macOS agent installation The skill instructs users to visit an external pastebin (`glot.io`), copy an installation script, and paste it into their Terminal. This is a severe supply chain risk and command injection vulnerability. The content of the script is unknown, untrusted, and could change at any time, allowing for arbitrary code execution on the user's machine without prior review or verification. Remove instructions to download and execute scripts from untrusted sources. Provide a verified, official installation method or package for `openclaw-agent`. | LLM | SKILL.md:14 | |
| CRITICAL | Download and execution of unofficial binary for Windows agent installation The skill instructs users to download and run an executable (`openclaw-agent.zip`) from an unofficial GitHub user (`hedefbari`) rather than the official `openclaw` organization. This poses a significant supply chain risk, as the binary could be malicious, compromised, or contain vulnerabilities. The instruction also mentions a hardcoded password for extraction, which is poor security practice. Provide a verified, official installation method for `openclaw-agent` or remove the dependency if an official, trusted source is not available. Do not instruct users to download and execute binaries from unofficial sources. | LLM | SKILL.md:12 | |
| HIGH | Potential Command Injection via unsanitized `VIDEO_URL` in shell commands Multiple shell commands within the skill directly interpolate the `VIDEO_URL` variable (e.g., `yt-dlp ... "VIDEO_URL"`). If the `VIDEO_URL` is provided by an untrusted user and not properly sanitized by the host LLM or its execution environment, an attacker could inject arbitrary shell commands by crafting a malicious `VIDEO_URL` (e.g., `https://example.com" --output "/tmp/foo; rm -rf /"`). This could lead to arbitrary code execution on the system where the skill is run. Ensure that all user-provided inputs, especially `VIDEO_URL`, are strictly validated and properly escaped or quoted when used in shell commands. The host LLM environment should provide mechanisms for safe command execution, such as using a dedicated tool execution API that handles argument sanitization. | LLM | SKILL.md:22 |
Scan History
Embed Code
[](https://skillshield.io/report/e38e5684cb1cc4d9)
Powered by SkillShield