Skill v1.0.0
ClawScan security
Youtube Downloader Skimmer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 4, 2026, 7:25 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill generally matches its stated purpose (download & clip YouTube videos) but contains multiple code bugs, mismatches between documentation and implementation (e.g., sending to platforms not implemented, chapter detection placeholder), and small packaging inconsistencies — these make its behavior unclear and warrant caution before use.
- Guidance: This skill looks like a genuine YouTube download + clip tool but has implementation problems and misleading documentation. Before installing or running it:
  1. Do not run on production or sensitive systems — test in a sandbox with limited disk/network access.
  2. Expect to install yt-dlp (pip) and system ffmpeg; large downloads will consume bandwidth/disk.
  3. The code has bugs you should fix (e.g., wrong variable used when selecting format, use of OUTPUT_DIR/title before they are defined, hardcoded duration instead of reading actual video duration, and send_to_platform() does not implement real delivery).
  4. If you need automatic sending to Telegram/QQ, treat that as not implemented until you or the author add secure, credentialed upload logic.
  5. Consider reviewing and running the script line-by-line to confirm behavior and add proper error handling, real chapter extraction from yt-dlp info, and any needed credential handling in a secure way.
Review Dimensions
- Purpose & Capability
  - concern: The name/description promise (download + auto-clip + send to QQ/Telegram) mostly aligns with included code, but there are notable mismatches: package.json lists Node-style dependencies (yt-dlp, ffmpeg) while the runtime is Python using the yt_dlp pip package; SKILL.md and README advertise sending to QQ/Telegram but send_to_platform() only prints file paths and does not implement network delivery; chapter detection is advertised as "automatic" but the code uses a hardcoded duration placeholder (900s) and heuristic splitting rather than extracting real chapter metadata. These inconsistencies mean the skill may not perform as described without fixes.
- Instruction Scope
  - concern: SKILL.md instructs installing yt-dlp and ffmpeg and running the tool with various flags — that matches the code's intent. However, the instructions promise functionality the runtime does not implement (platform delivery) and refer to automatic chapter extraction even though the Python code does not query actual video metadata for chapters and uses a fixed duration. The instructions do not ask for any unrelated files/credentials or read environment variables, which is good, but their operational promises exceed the implemented scope.
- Install Mechanism
  - ok: No install spec is present (instruction-only), and the included code runs as a local Python script; dependencies are expected to be installed via pip and the system package manager (ffmpeg). There are no remote download URLs or archive extraction steps. This is a lower install risk, but the package.json (Node-style) is unnecessary and confusing for a Python tool.
- Credentials
  - ok: The skill requests no environment variables, credentials, or sensitive config paths. The runtime uses only command-line args and writes output to a local directory (default /tmp/openclaw/). No evidence of reading secrets or exfiltrating data to hidden endpoints.
- Persistence & Privilege
  - ok: always: false, and no code persists itself into agent config or modifies other skills. It writes files to its output directory and can delete the raw download if requested — that is proportional for its purpose.
