YouTube Outliers & Niche Finder Data by TubeLab
Security checks across malware telemetry and agentic risk
Overview
This is a coherent TubeLab API reference skill that uses a TubeLab API key and credit-bearing endpoints, so users should monitor account usage but the behavior is disclosed and purpose-aligned.
Before installing, make sure you are comfortable giving the agent access to your TubeLab API key and with API calls potentially consuming TubeLab credits. There is no evidence of hidden code, persistence, credential exfiltration, or behavior outside the stated YouTube research purpose.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed, the agent can make TubeLab API requests using the configured API key.
The skill requires a TubeLab API key, which grants access to the user's TubeLab account/API quota. This is expected for the stated API integration and no leakage or unrelated credential use is shown.
Every request requires an `Authorization` header with your API key: `Authorization: Api-Key $TUBELAB_API_KEY`
Use a revocable TubeLab API key, keep it out of shared logs/prompts, and monitor account usage.
Searches and scans may spend TubeLab credits if the agent uses them.
The skill documents API operations that can consume paid credits. This is disclosed and aligned with the TubeLab research purpose, but it is still a usage-impacting capability.
Most endpoints cost credits... `POST /scan` | 50–100 credits
Review or limit expensive scan/search requests, especially repeated or broad research tasks.