Security audit
Youtube Serp
Security checks across malware telemetry and agentic risk
Overview
The package's code, manifests, and runtime instructions are consistent with a YouTube SERP client that calls the AIsa API and only requires an AISA_API_KEY; nothing requests unrelated credentials or installs arbitrary code.
This package appears coherent: it runs a local Python client that sends search queries to api.aisa.one and requires only AISA_API_KEY. Before installing, verify you trust the AIsa service and the caller that will supply the API key; avoid using keys with broader privileges than necessary, do not send sensitive or private data in queries, and consider reviewing the small python script yourself. If you later suspect the key was leaked, rotate it.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
