Skill v1.0.0
ClawScan security
Search YouTube videos, channels, and playlists · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 16, 2026, 4:09 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior is coherent with its stated purpose (calling AIsa's YouTube search endpoint with AISA_API_KEY), but provenance and metadata inconsistencies plus the fact that it routes all queries to a third-party API warrant caution.
- Guidance: This skill appears to do exactly what it says: send YouTube search queries to AIsa's API using an AISA_API_KEY. Before installing, confirm you trust the AIsa service (api.aisa.one / marketplace.aisa.one) because all queries and their parameters will be sent to that third party. Note the metadata mismatches (owner ID vs _meta.json and small version differences) and lack of a homepage/source — these are provenance red flags; prefer skills with clear authorship and a public homepage. If you proceed: (1) use a dedicated AISA_API_KEY with least privilege and billing limits, (2) avoid sending sensitive data in queries, and (3) monitor usage and rotate the key if anything unexpected appears. If you need higher assurance, ask the publisher for a canonical homepage or signed source and verify the owner identity before installing.
Review Dimensions
- Purpose & Capability (note): The skill name/description match the runtime instructions: it only documents calls to https://api.aisa.one/apis/v1/youtube/search and requires AISA_API_KEY. Requesting a single AIsa API key is proportional to the described YouTube-search capability. Minor mismatch: registry metadata lists ownerId 'kn76s7az...' while _meta.json and SKILL.md identify 'aisa-one' — a provenance inconsistency to verify.
- Instruction Scope (ok): SKILL.md only instructs the agent to call the AIsa endpoint (curl/requests examples) and to read AISA_API_KEY from the environment. It does not instruct reading unrelated files, other env vars, or system paths. All network traffic is directed to api.aisa.one (a third-party service).
- Install Mechanism (ok): No install spec and no code files — instruction-only skill. This is the lowest install risk (nothing is written to disk by an installer).
- Credentials (ok): Only a single env var (AISA_API_KEY) is declared and used. That is proportionate for an API-based search skill. Note: SKILL.md uses that env var directly; primary credential was listed as 'none' in registry metadata which is slightly inconsistent but not dangerous by itself.
- Persistence & Privilege (ok): always:false (default) and no requests to modify other skills or system settings. The skill can be invoked autonomously by the agent (platform default), but it does not request elevated persistence.
