Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
YouTube Content Manager
v1.0.1 · YouTube content-management backend supporting AI topic generation, script writing, title optimization, SEO description generation, thumbnail copy suggestions, publishing-record management and data analytics. Integrates the SkillPay payment interface; each call is billed at 0.001 USDT.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements the advertised YouTube content-management features (topic generation, script/title/description generation, storage and analysis, local SQLite DB). However the SKILL.md and code disagree about which AI provider is used (SKILL.md says OpenAI; code calls a 'SiliconFlow' API) and the SKILL.md claims the user must configure an OpenAI API key while the code contains hardcoded third-party API keys. Payment integration is present in code and SKILL.md (SkillPay), which is coherent with a paid tool, but that payment API key is embedded in the skill rather than declared as a required credential for the user to supply.
Instruction Scope
Runtime instructions (SKILL.md) instruct the user to configure an OpenAI API key and to run the Flask app, but the app code actually uses a different AI endpoint and hardcoded keys. The SKILL.md also publishes a SkillPay API key in plaintext. The code will send user prompts and generated content to external endpoints (skillpay.me for billing and api.siliconflow.cn for AI), which is expected for remote AI generation and payments, but the mismatch between documentation and code (provider/key handling) gives the agent broad discretion that is not described. The payment flow in code is unusual (e.g., charge_user posts amount: 0 to /charge) — behavior not explained in SKILL.md.
Install Mechanism
No install spec; this is instruction + code only and does not automatically download or execute remote archives. The user-run install instructions (pip install ...) are typical. No suspicious installer URLs or extraction steps detected.
Credentials
Registry metadata declared no required environment variables or primary credential, but the code contains multiple hardcoded secrets (SKILLPAY_API_KEY, SILICONFLOW_API_KEY, Flask SECRET_KEY). SKILL.md also prints a SkillPay API key. The SKILL.md asks the user to configure an OpenAI API key, which the code does not use, creating a mismatch between declared requirements and actual secret usage. Hardcoded billing keys are a significant red flag because they can be abused or indicate the skill will bill through the embedded account.
Persistence & Privilege
The skill writes a local SQLite database and uses Flask session cookies (with a fixed SECRET_KEY). It does not request 'always: true' or modify other skills or global agent settings. Its persistence is limited to its own data directory and session state.
Scan Findings in Context
[hardcoded_api_key_SKILLPAY_API_KEY] unexpected: A billing API key for SkillPay is hardcoded in both SKILL.md and app.py. Payment integration makes sense for a paid skill, but keys should be provided by the operator (env var or config) instead of embedded; embedding means the skill will bill with that account or expose the key.
[hardcoded_api_key_SILICONFLOW_API_KEY] expected: An AI provider API key is hardcoded. Using an AI API key is expected for AI generation, but again it should be configurable and documented. Additionally, SKILL.md states OpenAI should be used, causing a provider mismatch.
[hardcoded_SECRET_KEY] unexpected: Flask SECRET_KEY is fixed in code; this weakens session security and can be trivially reused by others. SECRET_KEY should be unique per deployment and set via environment variables.
What to consider before installing
This skill implements the promised YouTube content features but shows several red flags you should address before running:
- Do not run this on a machine with credentials you care about until you inspect and remove hardcoded secrets. The code contains hardcoded API keys (SkillPay and SiliconFlow) and a fixed Flask SECRET_KEY. These keys may be valid and could be used by the skill owner to receive payments or process AI requests — or they could be stolen keys. Replace them with your own credentials stored in environment variables.
- The SKILL.md instructs you to configure OpenAI, but the code calls a different AI provider (api.siliconflow.cn). Confirm which provider you trust, remove unused dependencies, and update the documentation.
- The payment flow is odd (charge endpoint with amount 0 in some calls, pay route uses amount 8), and the SKILL.md exposes a SkillPay API key. If you plan to accept or pay money, review the billing endpoints and test in TEST_MODE first. Keep TEST_MODE = True until you fully audit the billing code.
- The app transmits user prompts and generated content to external endpoints. If your prompts or stored video scripts contain sensitive information, understand that data will be sent to the configured AI/payment services.
- Suggested safe actions: run the code in an isolated environment, remove or rotate the hardcoded API keys, set SECRET_KEY and API keys via environment variables, verify the skill owner's identity (homepage is missing and source is unknown), and consider using your own paid AI account. If you cannot verify or remove the embedded keys, treat this skill as untrusted.
