Skill v1.0.0

ClawScan security

YouTube OpenClaw 监控系统 (YouTube OpenClaw monitoring system) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 14, 2026, 10:41 PM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions claim to run a Node.js monitoring script and to install an npm package, but no executable script or install spec is included and required credentials (e.g., a Telegram bot token) are missing — the package appears incomplete or inconsistent.
Guidance
Do not run or schedule the commands included here yet. This package provides only documentation and no executable script: the key runtime file (scripts/youtube-openclaw-monitor.js) is missing. Before installing or running anything, ask the publisher for the missing script and for full setup instructions. Verify how Telegram messages are sent (you should expect a Telegram bot token or bot API key; TELEGRAM_USER_ID alone only identifies the recipient and is insufficient to send). If they provide code, review it for network endpoints and for where it stores credentials, and run it in a sandbox or isolated environment first. Also confirm why the npm dependency is needed: https-proxy-agent exists to route outbound HTTP(S) requests through a proxy, so check which proxy address the script would use and why a YouTube/Telegram client needs one. Inspect the package.json and the actual script contents before installing packages or adding cron jobs.

Review Dimensions

Purpose & Capability
concern: The skill says it will search YouTube, fetch transcripts, summarize, and push to Telegram, but the package contains only README.md and SKILL.md; there is no scripts/youtube-openclaw-monitor.js or any other code to perform those actions. The SKILL.md also instructs the user to install https-proxy-agent and run a Node script in scripts/, but that script and directory are not present. The package is internally inconsistent.
Instruction Scope
concern: Runtime instructions tell the agent/user to run a Node script, set TRANSCRIPT_API_KEY and TELEGRAM_USER_ID, and schedule a cron job. They neither reference nor include any code, and they omit an essential credential (a Telegram bot token or API key) required to send Telegram messages. The instructions therefore either assume missing external artifacts or leave too much unspecified, giving broad discretion to the implementer.
Install Mechanism
note: There is no install spec in the registry (instruction-only), which is low risk by itself. However, SKILL.md/README recommend running npm install https-proxy-agent locally; that is a legitimate package, but the instruction asks the user to install it into a non-existent scripts/ directory. Because no code is provided, there is nothing for the scanner to verify.
Credentials
concern: The required env vars declared in the docs are TRANSCRIPT_API_KEY and TELEGRAM_USER_ID, which are plausible for transcript retrieval and for addressing messages. But the workflow as described would normally also require a Telegram bot token (TELEGRAM_BOT_TOKEN) or similar bot credentials to actually send messages; its absence is a meaningful omission. No primaryEnv or credentials are declared in the registry metadata despite the skill asking for API keys.
Persistence & Privilege
ok: The skill does not request always:true and is not force-included. It is user-invocable and allows autonomous invocation (platform default). There is no indication it would modify other skills or system-wide settings.
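As an added example, not part of ClawHub's report or the skill's own code, the following Python mechanises the two pre-install steps the Guidance asks for and the inconsistencies the Review Dimensions describe: it compares the scripts, npm packages and env vars named in a SKILL.md against the files and registry metadata actually shipped, and it triages a script the publisher later supplies for outbound hosts, environment reads and file writes. The SKILL.md text, file list, sample script, function names and regexes are all constructed for this example and are not the real package contents.

```python
"""Static pre-install checks for an instruction-only skill package.

check_skill()   compares what SKILL.md tells the agent to run against the
                files and metadata actually shipped.
triage_script() lists outbound hosts, env reads and file writes in a script
                the publisher later supplies, before it is run in a sandbox.
All names, regexes and sample inputs below are this example's assumptions.
"""
import re
from dataclasses import dataclass, field

# Constructed sample modelled on the findings in the report, not the real SKILL.md.
SAMPLE_SKILL_MD = """
# YouTube OpenClaw monitor
Run `npm install https-proxy-agent` inside `scripts/`.
Set `TRANSCRIPT_API_KEY` and `TELEGRAM_USER_ID` in your environment.
node scripts/youtube-openclaw-monitor.js
Schedule with cron: 0 * * * * node scripts/youtube-openclaw-monitor.js
"""
SAMPLE_FILES = ["README.md", "SKILL.md"]   # what the registry actually holds
SAMPLE_DECLARED_ENV: list[str] = []        # registry metadata declares no primaryEnv

SCRIPT_RE = re.compile(r"\b(?:node|bash|sh|python3?)\s+([\w./-]+\.(?:m?js|cjs|sh|py))")
NPM_RE = re.compile(r"npm\s+(?:install|i|add)\s+([@\w./-]+)")
ENV_RE = re.compile(r"\b([A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+)\b")
CRON_RE = re.compile(r"(?:[\d*/,-]+\s+){5}\S")  # five schedule fields then a command


@dataclass
class Findings:
    missing_scripts: list[str] = field(default_factory=list)
    npm_without_manifest: list[str] = field(default_factory=list)
    undeclared_env: list[str] = field(default_factory=list)
    missing_telegram_token: bool = False
    schedules_cron: bool = False

    def is_suspicious(self) -> bool:
        # Cron by itself is not a finding; it raises the stakes of the others.
        return bool(self.missing_scripts or self.npm_without_manifest
                    or self.undeclared_env or self.missing_telegram_token)


def check_skill(skill_md: str, files: list[str], declared_env: list[str]) -> Findings:
    f = Findings()
    shipped = set(files)
    # 1. Every script the instructions execute must be present in the package.
    for path in dict.fromkeys(SCRIPT_RE.findall(skill_md)):
        if path not in shipped:
            f.missing_scripts.append(path)
    # 2. An npm install with no package.json gives nothing to pin or lock.
    has_manifest = any(p.rsplit("/", 1)[-1] == "package.json" for p in shipped)
    if not has_manifest:
        f.npm_without_manifest = list(dict.fromkeys(NPM_RE.findall(skill_md)))
    # 3. Env vars the docs require should also be declared in registry metadata.
    env_vars = sorted(set(ENV_RE.findall(skill_md)))
    f.undeclared_env = [v for v in env_vars if v not in declared_env]
    # 4. Sending via the Telegram Bot API needs a bot credential, not just a chat id.
    has_bot_cred = any(v.startswith("TELEGRAM") and ("TOKEN" in v or "KEY" in v)
                       for v in env_vars)
    f.missing_telegram_token = "telegram" in skill_md.lower() and not has_bot_cred
    f.schedules_cron = "cron" in skill_md.lower() or bool(CRON_RE.search(skill_md))
    return f


URL_RE = re.compile(r"https?://([\w.-]+)")
PROC_ENV_RE = re.compile(r"process\.env\.([A-Z][A-Z0-9_]*)")
FILE_WRITE_RE = re.compile(r"\b(?:writeFile|appendFile)(?:Sync)?\s*\(\s*([^,)]+)")


def triage_script(js_source: str) -> dict[str, list[str]]:
    """Where a Node script sends data, which secrets it reads and what it writes."""
    return {
        "hosts": sorted(set(URL_RE.findall(js_source))),
        "env_reads": sorted(set(PROC_ENV_RE.findall(js_source))),
        "file_writes": sorted({a.strip() for a in FILE_WRITE_RE.findall(js_source)}),
    }


# Constructed script a publisher might supply; the last line is the one to ask about.
SAMPLE_SCRIPT = """
const token = process.env.TELEGRAM_BOT_TOKEN;
await fetch(`https://api.telegram.org/bot${token}/sendMessage`, {method: 'POST'});
await fetch('https://transcript.example.net/v1', {headers: {'x-api-key': process.env.TRANSCRIPT_API_KEY}});
fs.writeFileSync('.openclaw-state.json', JSON.stringify({token, lastVideo}));
"""

if __name__ == "__main__":
    result = check_skill(SAMPLE_SKILL_MD, SAMPLE_FILES, SAMPLE_DECLARED_ENV)
    print("suspicious:", result.is_suspicious(), result)
    print(triage_script(SAMPLE_SCRIPT))
```

On the constructed input, check_skill reproduces the report's findings: the referenced script is missing, the npm install has no package.json behind it, neither env var is declared in metadata, and no bot credential is named. The triage pass is a regex first read, not a substitute for reading the code: in the sample it surfaces that the bot token is written to a state file on disk, which is exactly the kind of credential-storage question the Guidance says to put to the publisher before running anything outside a sandbox.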