Skill v0.1.0
ClawScan security
Youtube Transcribe Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 28, 2026, 3:05 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's requested actions (yt-dlp and browser automation) match its stated purpose of extracting YouTube transcripts; no unrelated credentials or installers are requested, though there are small inconsistencies and privacy-relevant behaviors you should be aware of.
- Guidance
- This skill appears to do what it says: extract YouTube transcripts using yt-dlp or browser automation. Before installing, consider: (1) yt-dlp --cookies-from-browser will access your browser cookie store to handle sign-in-protected videos — only proceed if you are comfortable with that and trust the runtime. (2) The fallback uses a chrome-devtools plugin to open pages and run JavaScript on them; review what that plugin can access in your environment. (3) SKILL.md mentions 'WebFetch'/'firecrawl' but those tools aren't declared — if the agent attempts those, verify what implementation will be used. (4) No external credentials are requested and nothing is downloaded by the skill itself, which reduces risk. If you plan to use this skill, ensure yt-dlp and/or the specified mcp plugin are installed from trusted sources and avoid running it in environments where exposing browser cookies would be unacceptable.
Review Dimensions
- Purpose & Capability
- note: The skill's name and description align with its instructions: it uses yt-dlp when available and falls back to browser automation to extract transcripts. Minor inconsistency: SKILL.md mentions using 'WebFetch' or 'firecrawl' to fetch the page/title, but those tools are not listed in the allowed-tools block. Otherwise the declared allowed tools (yt-dlp and the chrome-devtools mcp plugin) are appropriate for the stated purpose.
- Instruction Scope
- note: Instructions stay focused on extracting transcripts and saving them locally. Privacy-relevant behaviors: recommending yt-dlp with --cookies-from-browser=chrome means the tool will read browser cookie stores to bypass sign-in restrictions; the mcp__plugin evaluate_script step runs arbitrary JS on the video page (reads DOM/transcript). These are coherent for scraping transcripts but can expose local browser cookies or other page content if the environment/tool implementation is broad.
- Install Mechanism
- ok: No install spec (instruction-only), so nothing is being downloaded or written by the skill itself. This is low-risk from an install perspective.
- Credentials
- ok: The skill does not request environment variables, credentials, or config paths. It does rely on local tools (yt-dlp and a chrome-devtools mcp plugin) and on access to the browser's cookie store via yt-dlp, which is proportional to the goal but privacy-sensitive; no extra unrelated credentials are requested.
- Persistence & Privilege
- ok: always is false and the skill is user-invocable. It does not request permanent presence or modifications to other skills or system-wide settings.
