Youtube Summary

PassAudited by ClawScan on May 1, 2026.

Overview

The skill appears to do what it claims: summarize YouTube videos, while requiring a TranscriptAPI key and using disclosed Python/network tools to fetch transcripts.

Install only if you are comfortable giving the skill a TranscriptAPI key and letting it contact TranscriptAPI/YouTube to fetch transcripts. Use a dedicated key, monitor quota usage, and consider pinning dependencies if you install it in a sensitive environment.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI03: Identity and Privilege Abuse

What this means

Your TranscriptAPI key and paid transcript quota may be used whenever the skill fetches a transcript.

Why it was flagged

The script sends the user-provided TranscriptAPI key to the transcript provider as a bearer token. This is expected for the service and the artifacts do not show key logging or unrelated credential use.

Skill content

headers = {"Authorization": f"Bearer {api_key}"}

Recommendation

Use a dedicated TranscriptAPI key, store it via the documented env var or password-store method, and revoke or rotate it if you stop using the skill.

Low

#ASI02: Tool Misuse and Exploitation

What this means

Using the skill may run local Python code and a yt-dlp command that makes network requests for YouTube metadata.

Why it was flagged

The extractor can run yt-dlp as a metadata fallback. The command is fixed, uses a validated video ID, and is aligned with the YouTube-summary purpose.

Skill content

subprocess.run([
            "yt-dlp", "--dump-json", "--no-download",
             f"https://www.youtube.com/watch?v={video_id}"],

Recommendation

Install yt-dlp and Python dependencies from trusted sources and keep them updated.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

Dependency behavior can change over time if packages update upstream.

Why it was flagged

The dependency file lists unpinned Python packages, so future installs may pull newer package versions than those originally tested.

Skill content

requests
yt-dlp

Recommendation

Prefer pinned dependency versions or review package updates before installing in a sensitive environment.

Info

#ASI01: Agent Goal Hijack

What this means

A video transcript containing prompt-like wording could influence the summary if the assistant does not treat it strictly as source material.

Why it was flagged

The prompt template places external transcript text into the model context along with user instructions. This is necessary for summarization, but transcript content should not be treated as authoritative instructions.

Skill content

ADDITIONAL USER INSTRUCTIONS: {custom_prompt}

Transcript:
{transcript}

Recommendation

Keep transcript text clearly framed as data to summarize and ignore instructions that appear inside the transcript unless the user explicitly requested them.