Skill v1.3.2

ClawScan security

Youtube Summary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 11:18 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill does what it says — it fetches YouTube transcripts via TranscriptAPI.com and summarizes them — and its requested resources are proportional to that purpose.
Guidance
This skill appears coherent and is likely safe to install for its stated purpose, but consider the following before using it:

- TranscriptAPI.com will receive the video identifier and return transcripts; ensure you trust that service and understand its privacy/cost model (the README mentions a $5/mo plan). Transcripts (which may contain copyrighted or private content) are printed as JSON and then sent to your agent/LLM for summarization — avoid feeding sensitive videos unless you accept that exposure.
- Store TRANSCRIPT_API_KEY securely (using the suggested 'pass' workflow or environment variable). The skill warns that environment variables can be visible; using --api-key-file with a temp file reduces exposure in process listings.
- Install Python deps in a virtual environment (pip install -r requirements.txt). The code calls the 'yt-dlp' binary as a fallback; ensure yt-dlp is available in your environment if you want metadata fallback to work.
- The code defaults to English for transcript language detection; summaries will follow that value. If you need stronger guarantees about language detection or transcript integrity, review the extract.py implementation.
- The SKILL.md prohibits fallback web_search and forbids fabricating transcripts; those are good safety constraints — verify the agent follows them.

If you need anything changed (e.g., explicit declaration of yt-dlp as a required binary, a different transcript provider, or not transmitting full transcripts to the model), ask the skill author or audit the runtime to implement that behavior.

Review Dimensions

Purpose & Capability
ok: Name/description match the implementation: the skill extracts transcripts (TranscriptAPI.com) and summarizes them. The single declared credential (TRANSCRIPT_API_KEY) is exactly the API key used to call TranscriptAPI. The skill requires python3 and Python packages (requests, yt-dlp), which are reasonable for this task. Minor note: the manifest lists only python3 as a required binary even though the code invokes the 'yt-dlp' executable (provided by the yt-dlp package); this is an implementation/packaging detail, not a functional mismatch.
Instruction Scope
note: SKILL.md explicitly instructs the agent to run the included extract.py and to never fabricate transcripts or fall back to web_search. The script only reads the API key (from env or an api-key file) and the provided YouTube URL; it makes HTTP requests to YouTube oEmbed and TranscriptAPI and may call yt-dlp as a fallback. The script prints the full transcript as JSON on stdout (RESULT: ...), which will be consumed by the agent/LLM — be aware that the full transcript text is transmitted to the model during summarization (privacy/copyright consideration). No instructions ask the agent to read unrelated files or credentials.
Install Mechanism
note: This is instruction-first (no automated install spec). It requires pip-installing requirements.txt (requests, yt-dlp) from PyPI — a standard, reasonable approach. There are no downloads from untrusted URLs and no archive extraction. Users should run pip install in a controlled virtual environment.
Credentials
ok: Only TRANSCRIPT_API_KEY is required, and it is used by the extraction script. The README/SKILL.md suggests an optional 'pass' workflow for secure key retrieval; that is optional and consistent with the stated purpose. No other unrelated secrets or system config paths are requested.
Persistence & Privilege
ok: 'always' is false and the skill does not request permanent system-wide privileges. It does not modify other skills or system-wide config. Autonomous invocation is enabled (platform default) but is not combined with other concerning flags.