OpenClaw YouTube Upload
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill appears to do what it says—upload user-selected videos to YouTube—but it needs Google OAuth access and stores a reusable local token.
Install this only if you intend to grant a Google account YouTube upload permission. Review the selected video file, title, description, and privacy setting before each upload, protect or delete token.pickle when finished, and install the Python dependencies in a trusted virtual environment.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
After authorization, the agent can upload videos to the user's YouTube account using the saved token.
The skill requests Google OAuth authority to upload to YouTube and persists the resulting credential locally. This is necessary for the stated purpose, but it grants account-level upload capability.
SCOPES = ['https://www.googleapis.com/auth/youtube.upload'] ... token_file = 'token.pickle'
Authorize only the intended Google account, verify the video and privacy setting before uploads, and delete or protect token.pickle when you no longer want the skill to have upload access.
A mistaken file path, title, description, or privacy setting could upload the wrong video or make it visible to others.
The core tool can publish a selected video to YouTube, including as public content. This is expected for an uploader, but a wrong argument could publish unintended content.
parser.add_argument('--privacy', default='unlisted', choices=['public', 'private', 'unlisted'] ... youtube.videos().insert(
Have the agent confirm the exact file, title, description, and privacy status before running the upload, especially for public uploads.
Future dependency changes or a compromised package source could affect the behavior of the uploader.
The setup instructions install third-party Python packages without pinned versions. These dependencies are appropriate for YouTube OAuth/API access, but version pinning would improve reproducibility.
pip3 install google-api-python-client google-auth-oauthlib google-auth-httplib2
Install in a virtual environment from a trusted package index and consider pinning known-good dependency versions.
If an attacker can place or modify token.pickle where the script runs, running the skill could execute unintended local code.
Python pickle files can execute code if they are maliciously crafted. In normal use the skill creates token.pickle itself, but loading a tampered token file from the working directory would be risky.
with open(token_file, 'rb') as token:
    creds = pickle.load(token)
Run the script only from trusted directories, do not reuse token.pickle files from untrusted sources, and consider replacing pickle storage with a safer credential format.
