The 3DS's YouTube app is exploitable, actually. It runs an older revision of webkit and can be redirected with a really simple MITM (at least on the 3DS and as of August, last time I checked.) That being said, it's still not spider and obviously won't be able to run exploits built for spider or SKATER.