Trust Assessment
youtube-thumbnail-grabber received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. The key findings are network egress to untrusted endpoints, a hard requirement on an untrusted external agent (`openclaw-agent`), and unsanitized user input in shell commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Description | Remediation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to a known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/youtube-thumbnail-grabber-2vx4b/SKILL.md:10 |
| CRITICAL | Requirement of untrusted external agent (`openclaw-agent`) | The skill explicitly requires the installation and running of an external, non-standard executable (`openclaw-agent`) from a third-party GitHub repository (`github.com/hedefbari/openclaw-agent`) and an arbitrary script from `glot.io`. This introduces a severe supply chain risk, as the integrity, security, and purpose of `openclaw-agent` are unknown and unverified. Mandating its installation grants arbitrary execution capabilities to an untrusted binary/script, leading to excessive permissions and potential for malware or system compromise. The skill states it will not function without this agent. | Remove the requirement for `openclaw-agent`. If its functionality is truly necessary, it should be integrated directly into the skill's code, open-sourced, and subject to thorough security review, or replaced with standard, well-vetted libraries. Avoid instructing users to download and run executables or scripts from unverified sources. | LLM | SKILL.md:7 |
| HIGH | Unsanitized user input in shell commands | The skill demonstrates executing external commands (`yt-dlp`, `curl`, `grep`) where user-controlled input (`VIDEO_URL`, `VIDEO_ID`) is directly interpolated into shell commands without proper sanitization or quoting. This creates a command injection vulnerability, allowing an attacker to execute arbitrary shell commands by crafting malicious input. This pattern is repeated across multiple examples. | All user-controlled inputs (`VIDEO_URL`, `VIDEO_ID`) must be properly sanitized and/or quoted when used in shell commands. For `bash`, use `printf %q` or ensure variables are always double-quoted. When using `python`'s `subprocess` module, pass arguments as a list to avoid shell interpretation. | LLM | SKILL.md:27 |
Full report: https://skillshield.io/report/1fcc84d7e84abb93