Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Youtube Transcriber

v1.0.0

One-command YouTube video transcription. Automatically downloads audio and transcribes using OpenAI Whisper API — works even when YouTube subtitles are disab...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description align with the code: it first tries YouTube subtitles and falls back to downloading audio and calling OpenAI Whisper. The declared prerequisites in README/SKILL.md (yt-dlp, ffmpeg, OPENAI_API_KEY) are appropriate for the stated purpose. However, the registry metadata for the skill lists no required environment variables while the runtime script requires OPENAI_API_KEY — that's an inconsistency.
Instruction Scope
Runtime instructions (scripts/transcribe.sh) are narrowly scoped to: calling yt-dlp/ffmpeg, parsing VTT, compressing audio, and POSTing audio to https://api.openai.com/v1/audio/transcriptions. It writes temporary files in /tmp and checks common local paths for yt-dlp. It does upload user audio to OpenAI (expected for Whisper) — this is a privacy/network action worth highlighting but is coherent with the stated purpose. The script does not appear to read unrelated secrets or exfiltrate data to third-party endpoints besides OpenAI.
Install Mechanism
There is no install spec (instruction-only + included script). Nothing is downloaded or executed automatically by an installer. This is lower risk than an automatic download/install flow.
Credentials
The script requires OPENAI_API_KEY at runtime but the skill metadata does not declare any required environment variables. That mismatch means automatic permission reviewers may miss a required secret. The script also probes a specific path ($HOME/.venvs/agent-reach/bin/yt-dlp) and other local paths for binaries; while not directly a credential request, it reveals assumptions about local agent environment and could cause it to use a binary from an unexpected venv. Aside from OPENAI_API_KEY and local path probing, no other unrelated secrets are requested.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not attempt to modify other skills or system-wide config. It writes transient files to /tmp and user-chosen output paths only, which is expected for this utility.
What to consider before installing
Before installing or running this skill: (1) be aware it uploads downloaded audio to OpenAI (Whisper) — sensitive audio will be sent off-host; check your privacy policy for that. (2) The skill requires OPENAI_API_KEY at runtime, but the registry metadata does not declare this — supply the key only if you trust the destination and remove keys you don't want shared. (3) Verify yt-dlp and ffmpeg come from trusted sources (brew/pip/homebrew) rather than an unknown venv path the script probes. (4) Review the included scripts/transcribe.sh yourself (or run in a sandbox) since it will invoke binaries, write temp files under /tmp, and can read common HOME paths. (5) If you plan to allow autonomous invocation, consider the privacy implications of automatic audio uploads. If possible, request that the publisher update the registry metadata to declare OPENAI_API_KEY as a required env var and clarify any assumptions about local binary locations.
