Youtube Podcast summarizer via Elevenlabs

v1.0.0

Transform YouTube videos into podcast-style voice summaries using ElevenLabs TTS

MIT-0
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The services the skill requires (Supadata for transcripts, OpenRouter for summarization, ElevenLabs for TTS) align with the described functionality. However, the registry-level metadata at the top of the package listing claims no required environment variables or credentials while the included skill.json and SKILL.md explicitly require ELEVENLABS_API_KEY, SUPADATA_API_KEY, and OPENROUTER_API_KEY — an internal inconsistency that should be resolved before trusting the package.
Instruction Scope
The SKILL.md instructs the operator to clone and run a backend (npm install; npm start) and to place API keys into a .env file. The runtime steps only call a local API (http://127.0.0.1:3050) which is consistent with a separate backend, but running arbitrary code from the referenced GitHub repo executes unvetted server code that could read or transmit secrets or other local data. The skill also suggests making BASE_URL publicly accessible, which increases exposure risk if the backend is misconfigured. There are no instructions that overtly read unrelated system files, but the requirement to run third-party server code broadens the attack surface.
Install Mechanism
There is no platform install spec; instead SKILL.md tells users to git clone https://github.com/Franciscomoney/elevenlabs-moltbot, npm install, and run the server. Downloading and executing code from a GitHub repo is a common pattern but carries execution risk: the repo may contain malicious or buggy code, post-startup network calls, or accidental exfiltration. The homepage is a GitHub repo (not an opaque personal server), which is better than an untrusted binary URL, but you still need to review the repository before running it.
Credentials
The environment variables required by the service (ElevenLabs, Supadata, OpenRouter API keys) are proportionate to the stated purpose. That said, the top-level registry metadata omitted these required_env entries (another inconsistency). Also, placing keys into a .env file for a server you run locally is convenient but risky if the server or environment is accessible externally — the instructions explicitly mention making BASE_URL public, which could expose API keys or outputs if the backend leaks them.
Persistence & Privilege
The skill does not request always: true and does not ask to modify other skills or system-wide settings. It includes autoTrigger patterns for YouTube links (expected for this kind of skill). Autonomous invocation is allowed by default (disable-model-invocation is false), which is normal; combined with the need to run an external server, this increases blast radius if the backend or keys are compromised, but the skill itself does not request elevated platform privileges.
Scan Findings in Context
[no_regex_findings] expected: The static regex scanner found nothing to analyze because this is an instruction-only skill with no embedded code files; however the SKILL.md tells the user to clone and run a GitHub repo, so the actual code to inspect lives in that external repository.
What to consider before installing
Before installing or running this skill:

1. Verify the GitHub repository contents yourself — review server code (especially network calls, logging, and any code that reads files or environment variables) before running npm start.
2. Only provision API keys with least privilege and, if possible, use expendable/limited keys for testing.
3. Run the backend in an isolated environment (container, VM, or restricted user) and bind it to localhost unless you intentionally want a public endpoint; avoid setting BASE_URL to a public address until you've audited the code.
4. Confirm where and how API keys are stored (.env files can be readable by other processes); consider using runtime secrets managers or environment injection.
5. Resolve the registry inconsistency (the registry metadata omitted required_env) — if the platform will not surface the required credentials to the skill, it may fail or behave unexpectedly.
6. If you're not comfortable auditing the repo yourself, treat this package as untrusted code and do not run it on production systems or with high-value credentials.

Like a lobster shell, security has layers — review code before you run it.


License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

🎙️ Clawdis
