Skill v1.0.0

ClawScan security

YouTube Transcript Extractor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 11, 2026, 9:29 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's documentation (SKILL.md) and declared behavior do not match the actual code: the README claims a Supadata API + yt-dlp fallback and a specific installed command path, but the shipped scripts use different libraries and direct curl calls and there is no install or env declaration for the claimed API key.
Guidance
This skill appears to implement YouTube transcript extraction, but the documentation and shipped code disagree in several places. Before installing or providing any credentials: 1) ask the author which method is intended (Supadata API + yt-dlp, or the included node/curl scripts), 2) do not put any SUPADATA_API_KEY or other secret into an .env unless you confirm the code actually uses it, 3) if you intend to run the Node scripts, run npm install in an isolated environment and review package-lock.json (and consider npm audit), 4) be aware the shell script uses curl to fetch YouTube pages and parses captionTracks (network activity is normal for this task), and 5) if you need stronger assurance, request a corrected SKILL.md that matches the shipped scripts or a provenance link (repo/homepage) so you can verify origin and intent.

Review Dimensions

Purpose & Capability
Concern: SKILL.md claims the primary method is a Supadata API (SUPADATA_API_KEY in .env) with a yt-dlp fallback and exposes a command at /root/clawd/yt-transcript. None of the three shipped scripts reference Supadata or yt-dlp, and the files are named transcript.js/.mjs/yt-transcript.sh rather than an installed binary at the documented path. The actual code uses youtube-captions-scraper, youtubei.js, and direct curl parsing of the YouTube page — which is a plausible way to extract transcripts, but it contradicts the documentation and advertised dependencies.
Instruction Scope
Concern: SKILL.md instructs callers to run /root/clawd/yt-transcript and references an external API key and yt-dlp fallback. The runtime instructions are inconsistent with the included scripts: the scripts output timestamps (contradicting the claim 'timestamps removed'), fetch YouTube pages with curl, and call Node libraries. The README is vague/incorrect about what will be run and where, giving the agent broad/ambiguous discretion (e.g., 'Primary: Supadata API' but no code).
Install Mechanism
Note: There is no install spec (instruction-only), which reduces install-time risk. However, package.json and package-lock.json are included, implying Node dependencies must be installed for the .js/.mjs scripts to work; SKILL.md does not document this. No external downloads, shorteners, or obscure URLs are present in the provided files. The lack of an installation step is an inconsistency to be aware of (user or runtime may need to run npm install).
Credentials
Concern: SKILL.md says an API key SUPADATA_API_KEY should be stored in .env, but requires.env lists no environment variables and none of the shipped scripts reference SUPADATA_API_KEY or any other secret. The documentation asks for a credential that the code does not use — this is misleading and could cause users to expose a key unnecessarily if they follow the docs.
Persistence & Privilege
OK: The skill does not request always:true, does not declare system-wide config changes, and does not require binaries or config paths. It will perform network requests (curl and library HTTP calls) to fetch YouTube pages, which is expected for its purpose.