Skill v1.0.0
ClawScan security
summerizeryoutube · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 27, 2026, 7:54 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, tool declarations, and lack of requested credentials are coherent with a YouTube transcript summarizer that expects a local backend; nothing requested is disproportionate to that purpose.
- Guidance: This skill appears to be a straightforward instruction-only YouTube summarizer that expects a local backend at http://localhost:8000 to do transcript fetching, chunking, embeddings, and retrieval. Before installing or enabling it: (1) confirm you run and control the local service it calls — the agent will send video URLs and user questions to that service; (2) audit that local service code for any external calls or credential usage (the skill itself declares none); (3) if you do not run a local backend, the skill's tool calls will fail; (4) note the minor mismatch where skill.json mentions 'Telegram' — check whether this is relevant to your deployment; (5) if you need stricter privacy, run the backend in a sandbox or add authentication to the localhost endpoints so untrusted local processes cannot intercept user data.
Review Dimensions
- Purpose & Capability [note]: The skill declares tools for processing and retrieving transcript chunks and the SKILL.md describes RAG-based summarization and Q&A — this aligns with the stated YouTube summarizer purpose. Minor mismatch: skill.json description mentions 'Telegram' while SKILL.md and other metadata do not reference Telegram integration; this appears cosmetic but could indicate a template copy-paste.
- Instruction Scope [ok]: Runtime instructions strictly direct the agent to call the two declared tools (process_video and retrieve_chunks) and to base answers only on returned transcript chunks. The instructions do not ask the agent to read unrelated files, environment variables, or external endpoints beyond the declared tools.
- Install Mechanism [ok]: This is an instruction-only skill with no install spec or code files, so nothing is written to disk or fetched during install. That is the lowest-risk install model.
- Credentials [note]: The skill requests no environment variables or credentials, which is appropriate. However, the declared tools call unauthenticated HTTP endpoints on localhost (http://localhost:8000). That is coherent for a local backend but means the agent will send user-provided data to any service listening there — verify that service is trusted.
- Persistence & Privilege [ok]: No special persistence or always:true setting is requested. The skill is user-invocable and does not modify other skills or agent-wide settings.
